Critical FFmpeg Vulnerability Exposes Systems to Remote Code Execution

A significant security flaw has been identified in FFmpeg’s MagicYUV decoder, potentially allowing attackers to execute arbitrary code through malicious media files. This vulnerability, designated as CVE-2026-8461 and referred to as “PixelSmash,” is a heap out-of-bounds write issue within FFmpeg’s libavcodec component, carrying a CVSS score of 8.8, indicating a high severity level.

FFmpeg is a widely utilized multimedia framework incorporated into numerous applications, including desktop video players, Linux thumbnail generators, media servers, cloud transcoding services, and AI/ML data processing pipelines. The MagicYUV decoder is enabled by default in upstream FFmpeg builds and is present in most major Linux distributions, meaning the vulnerability could affect a broad range of systems and applications.

Security researchers have demonstrated that a single crafted AVI, MKV, or MOV file can exploit this flaw to crash applications or, with a more sophisticated exploit chain, execute arbitrary commands on the underlying system. Applications confirmed to be susceptible include Kodi, mpv, ffmpegthumbnailer, Jellyfin, Emby, Nextcloud, Immich, PhotoPrism, and OBS Studio. Notably, full remote code execution was achieved against Jellyfin media servers and Nextcloud instances using a malicious 50 KB AVI file.

The root cause of the vulnerability lies in the MagicYUV decoder’s handling of video slices and chroma plane heights. MagicYUV divides frames into horizontal slices, and for subsampled formats like YUV420P, the decoder must convert luma slice heights into chroma slice heights. A rounding mismatch between the frame allocator and the decoder allows an attacker-controlled slice_height value to cause FFmpeg to write beyond the end of a heap-allocated buffer.

In proof-of-concept exploits, a crafted media stream sets slice_height to an odd value, leading to off-by-one row accumulations that push writes into adjacent heap structures. These overflowing writes can overwrite FFmpeg memory structures, potentially leading to a call to system() with an attacker-controlled command, thereby enabling remote code execution.
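The rounding mismatch described in the two paragraphs above can be seen with plain arithmetic. The following is an added example, not FFmpeg source code and not the upstream patch. It is a simplified model that assumes the allocator rounds the chroma plane height up once per frame while the decoder rounds up once per slice. The function names and the sample frame height are hypothetical.

```c
#include <stdio.h>

/* Simplified model, not FFmpeg source. Assumption: 4:2:0 chroma has half
 * the luma rows, and both sides round up, but at different granularity. */

/* Allocator side: round the whole frame height up once. */
static int chroma_rows_allocated(int height)
{
    return height / 2 + height % 2;
}

/* Decoder side: round each slice up on its own and accumulate.
 * Returns -1 for nonsensical input. */
static int chroma_rows_written(int height, int slice_height)
{
    int rows = 0;
    if (height <= 0 || slice_height <= 0)
        return -1;
    for (int left = height; left > 0; ) {
        int luma = left < slice_height ? left : slice_height;
        rows += luma / 2 + luma % 2;   /* per-slice round-up */
        left -= luma;
    }
    return rows;
}

/* Defensive check (hypothetical, not the upstream patch): 0 = accept, -1 = reject. */
static int validate_slice_height(int height, int slice_height)
{
    int written = chroma_rows_written(height, slice_height);
    if (written < 0)
        return -1;
    if (slice_height < height && slice_height % 2 != 0)
        return -1;                     /* odd slices split a chroma row */
    return written > chroma_rows_allocated(height) ? -1 : 0;
}

int main(void)
{
    const int height = 64;             /* constructed sample frame height */
    const int samples[] = { 16, 15 };  /* constructed slice_height values */
    for (int i = 0; i < 2; i++)
        printf("slice_height=%d allocated=%d written=%d verdict=%s\n",
               samples[i], chroma_rows_allocated(height),
               chroma_rows_written(height, samples[i]),
               validate_slice_height(height, samples[i]) ? "reject" : "accept");
    return 0;
}
```

In this model an even slice_height keeps the decoder inside the allocated chroma rows, while an odd one makes the per-slice round-ups add up to more rows than the plane holds, which is the condition a bounds check before decoding has to reject.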

The attack surface is extensive and often requires minimal user interaction. On desktops, merely browsing to a folder can trigger thumbnail generation via ffmpegthumbnailer, activating the vulnerability. On servers, media platforms like Jellyfin, Emby, and Nextcloud automatically invoke ffmpeg or ffprobe to generate previews and metadata when new files are added or viewed, providing potential vectors for exploitation.

Given the widespread use of FFmpeg across various applications and platforms, this vulnerability underscores the critical importance of promptly applying security patches and updates. Users and administrators should ensure their FFmpeg installations are updated to versions that address this flaw to mitigate the risk of exploitation.