FFmpeg 2.8 and 4.2.3 has a use-after-free via a crafted EXTINF duration in an m3u8 file because parse_playlist in libavformat/hls.c frees a pointer, and later that pointer is accessed in av_probe_input_format3 in libavformat/format.c.
| Product | Vendor | Version |
|---|---|---|
| n/a | n/a | < 6.2.9200.24614 |