- Package: src:whisper.cpp
- Source: src:whisper.cpp
- Submitter: Salvatore Bonaccorso
- Date: 2026-05-18 18:23:02 UTC
- Severity: normal
- Tags:
Hi,

The following vulnerability was published for whisper.cpp.

CVE-2025-14569[0]:
| A vulnerability was detected in ggml-org whisper.cpp up to 1.8.2.
| Affected is the function read_audio_data of the file
| /whisper.cpp/examples/common-whisper.cpp. The manipulation results
| in use after free. The attack requires a local approach. The exploit
| is now public and may be used. The project was informed of the
| problem early through an issue report but has not responded yet.

If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2025-14569
    https://www.cve.org/CVERecord?id=CVE-2025-14569
[1] https://github.com/ggml-org/whisper.cpp/issues/3501

Regards,
Salvatore
Hi,

Please find attached a patch that fixes CVE-2025-14569, a use-after-free vulnerability in the read_audio_data() function in common-whisper.cpp.

The fix adds a decoder_initialized flag, verifies ma_decoder_init_file() return value explicitly, only calls ma_decoder_uninit() when the decoder was successfully initialized, and adds proper cleanup on error paths.

The upstream (ggml-org) was notified via GitHub issue #3501 in November 2025 but has not responded. This patch is ready for Debian packaging.

Best regards,
Claudio Ferreira
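The cleanup pattern this message describes (an initialized flag guarding the uninit call, with error paths sharing one cleanup), as an added example that is not the attached patch or whisper.cpp code. The demo_* decoder and read_audio_demo() are stand-ins assumed for illustration, not the miniaudio API.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdlib.h>

/* Stand-in decoder (hypothetical; NOT the miniaudio API). */
typedef struct { short *buf; size_t frames; bool corrupt; } demo_decoder;
int demo_uninit_calls = 0;   /* lets a caller observe cleanup behaviour */

/* On failure the decoder is not usable, so it must not be uninit'ed. */
static int demo_decoder_init(demo_decoder *d, const char *path) {
    if (path == NULL || path[0] == '\0') return -1;
    d->buf = calloc(16, sizeof *d->buf);
    if (d->buf == NULL) return -1;
    d->frames = 16;
    d->corrupt = (path[0] == '!');   /* constructed marker for a bad file */
    return 0;
}

static int demo_decoder_read(demo_decoder *d, size_t *frames_out) {
    if (d->corrupt) return -1;
    *frames_out = d->frames;
    return 0;
}

static void demo_decoder_uninit(demo_decoder *d) {
    free(d->buf);
    d->buf = NULL;
    demo_uninit_calls++;
}

/* Returns 0 on success, -1 on failure; every exit goes through one label. */
int read_audio_demo(const char *path, size_t *frames_out) {
    demo_decoder dec = {0};
    bool decoder_initialized = false;
    int rc = -1;

    *frames_out = 0;
    if (demo_decoder_init(&dec, path) != 0)
        goto cleanup;                 /* init failed: nothing to release */
    decoder_initialized = true;

    if (demo_decoder_read(&dec, frames_out) != 0)
        goto cleanup;                 /* read failed: release exactly once */
    rc = 0;

cleanup:
    if (decoder_initialized)
        demo_decoder_uninit(&dec);
    return rc;
}
```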
Thank you for the patch. I have passed it upstream as <URL: https://github.com/ggml-org/whisper.cpp/pull/3810 > to allow them to review it before considering it for inclusion in Debian.
[Claudio Ferreira] Thank you.

When I passed the patch upstream, I was told that this issue has already been fixed in commit cec1dd9d1276a1df679858222f3b1dc0551c5220 from 2026-02-27 when the miniaudio version was updated from 0.11.22 to 0.11.24 and the issue can no longer be reproduced, see <URL: https://github.com/ggml-org/whisper.cpp/issues/3501 >.

This fix is included in version 1.8.4 already uploaded into Debian.

Do you agree with this finding?