A denial of service in the subtitle decoder in FFmpeg 3.2 and 4.1 allows attackers to hog the CPU via a crafted video file in Matroska format, because handleopenbrace in libavcodec/htmlsubtitles.c has a complex format argument to sscanf.
[ { "deprecated": false, "id": "CVE-2019-9721-1e4b4ede", "signature_type": "Function", "digest": { "length": 3610.0, "function_hash": "51195086334001458191859035190219042570" }, "target": { "file": "libavcodec/htmlsubtitles.c", "function": "ff_htmlmarkup_to_ass" }, "source": "https://github.com/ffmpeg/ffmpeg/commit/273f2755ce8635d42da3cde0eeba15b2e7842774", "signature_version": "v1" }, { "deprecated": false, "id": "CVE-2019-9721-efb6ae89", "signature_type": "Line", "digest": { "line_hashes": [ "181052376676104601782979859616773957010", "114335331683057061847747733341231002884", "52182576610393413327815494532710655027", "151988408299784471571915177291850664201", "143530476180291881434987183528048468203", "20671168889515778463202263099394878314", "117734745311139794259276495167403311113", "247691314197916473622205852293270336349", "91970035849042864838408869607449612939", "298548214798456625181670453837162301144", "51594798183235078235674705393957355135", "244888744203267073148994254791264550488" ], "threshold": 0.9 }, "target": { "file": "libavcodec/htmlsubtitles.c" }, "source": "https://github.com/ffmpeg/ffmpeg/commit/273f2755ce8635d42da3cde0eeba15b2e7842774", "signature_version": "v1" } ]