In FFmpeg 3.3.3, a DoS in cinereadheader() due to lack of an EOF check might cause huge CPU and memory consumption. When a crafted CINE file, which claims a large "duration" field in the header but does not contain sufficient backing data, is provided, the image-offset parsing loop would consume huge CPU and memory resources, since there is no EOF check inside the loop.
{
"source": "CPE_FIELD",
"extracted_events": [
{
"introduced": "0"
},
{
"last_affected": "3.3.3"
}
],
"cpe": "cpe:2.3:a:ffmpeg:ffmpeg:3.3.3:*:*:*:*:*:*:*"
}