A heap out-of-bounds write vulnerability in FFmpeg's libavcodec library — dubbed PixelSmash by the JFrog security team that discovered it — allows a specially crafted video file to execute arbitrary shell commands on any machine that opens or processes it. With a CVSS score of 8.8 and no authentication required (the attack vector is the media file itself), this vulnerability is highly relevant to anyone running self-hosted media servers. Jellyfin, Emby, Nextcloud, and Immich all auto-process uploaded video files using FFmpeg — meaning an attacker can achieve remote code execution simply by uploading a crafted MKV file to your server. The fix is FFmpeg 8.1.2, released June 17, 2026. Update now.
What the Vulnerability Is
FFmpeg's MagicYUV video decoder in libavcodec/magicyuvdec.c contains an inconsistency between how it allocates frame buffers and how it calculates chroma plane heights during video decoding. When processing a specially crafted AVI, MKV, or MOV file encoded with the MagicYUV codec, the decoder writes beyond the end of the allocated AVBuffer structure — a classic heap out-of-bounds (OOB) write.
JFrog's researchers found that the OOB write lands at a predictable offset from the AVBuffer struct on common allocator configurations. By placing a NUL-terminated shell command string at that offset within the crafted file, the shell command executes before the decoder crashes — resulting in arbitrary code execution with the privileges of the FFmpeg process.
The technical root cause: inconsistency between how avcodec_open2() allocates the frame and how magicyuv_decode_frame() computes subsampled chroma plane heights, resulting in a write that extends into adjacent heap memory.
The fix is in FFmpeg 8.1.2, released June 17, 2026, by patching the height computation in the MagicYUV decoder.
Why It Matters
FFmpeg is the backbone of nearly every open-source video processing tool on Linux. Any application that shells out to ffmpeg or links against libavcodec to process video is potentially vulnerable if a malicious file reaches it:
- Jellyfin, Emby — auto-transcoding and thumbnail generation on every file added to the library
- Nextcloud — video preview generation when the Video Preview app is enabled
- Immich, PhotoPrism — video processing pipelines run on every upload
- ffmpegthumbnailer — generates thumbnails for file managers (GNOME Nautilus, KDE Dolphin, XFCE Thunar); just browsing a folder containing a crafted file can trigger it
- Kodi, mpv — media playback
- OBS Studio — recording and scene capture
The most dangerous scenario for server operators: a user uploads a crafted MKV to your Jellyfin, Nextcloud, or Immich instance. A background job runs ffmpeg on the file to generate a thumbnail or transcode it, and the embedded shell command executes with the privileges of the media server process — giving the attacker a shell on your server. No login required beyond your media server's upload permission.
A zero-click variant exists if you auto-import from a watched folder: dropping a crafted video into the directory triggers RCE the moment the folder watcher processes it.
Am I Affected?
You are affected if your system runs FFmpeg older than 8.1.2 AND uses it to process video files — especially untrusted ones. Check your version:
ffmpeg -version
Applications to check:
| Application | Check |
|---|---|
| Jellyfin | Settings → Dashboard → FFmpeg path, then run that binary with -version |
| Emby | Same — find the bundled ffmpeg path in server settings |
| Nextcloud | php occ files:scan triggers preview generation; check system ffmpeg |
| Immich | Bundled in Docker image — check image version |
| PhotoPrism | Same — bundled in container |
| ffmpegthumbnailer | System package; dpkg -l ffmpegthumbnailer or rpm -q ffmpegthumbnailer |
| OBS Studio | Likely links against system libavcodec |
Note: Jellyfin and Emby in Docker typically bundle their own ffmpeg binary inside the container — updating the system ffmpeg is not sufficient. You must update the container image.
Step-by-Step Remediation
1. Update system FFmpeg to 8.1.2 or later:
On Ubuntu/Debian:
sudo apt update && sudo apt install --only-upgrade ffmpeg
If 8.1.2 is not yet in your distro's repos, use the official FFmpeg PPA or build from source.
On Arch Linux:
sudo pacman -Syu ffmpeg
On RHEL / Rocky / AlmaLinux / CentOS, FFmpeg 8.1.2 may not be in base repos. Use RPM Fusion or build from source:
git clone https://git.ffmpeg.org/ffmpeg.git && cd ffmpeg
git checkout n8.1.2
./configure && make -j$(nproc) && sudo make install
2. Update Jellyfin and Emby Docker images:
docker pull jellyfin/jellyfin:latest
docker-compose up -d
Verify the bundled ffmpeg version inside the container:
docker exec jellyfin ffmpeg -version
3. Update Immich:
docker pull ghcr.io/immich-app/immich-server:release
docker-compose up -d
4. Restart all services using ffmpeg after upgrading:
sudo systemctl restart jellyfin
sudo systemctl restart emby-server
sudo systemctl restart nextcloud-cron # or the relevant service
5. Temporary mitigation if patching is delayed:
- Disable video thumbnail/preview generation in Nextcloud (Settings → Administration → Basic settings → uncheck "Enable preview generation for video").
- Restrict upload permissions on Jellyfin/Immich to trusted users only until patched.
6. Audit recently uploaded media on your servers for MagicYUV-encoded files (this codec is unusual in legitimate content):
ffprobe -v error -select_streams v:0 -show_entries stream=codec_name -of default=noprint_wrappers=1 <file>
Any file returning magicyuv as the codec that was externally uploaded warrants investigation.
Quick-Win Checklist
ffmpeg -versionreturns 8.1.2 or later on all servers- Jellyfin Docker image updated and restarted
- Emby Docker image updated and restarted
- Immich Docker image updated and restarted
- Nextcloud system ffmpeg updated
- ffmpegthumbnailer package updated (for desktop/file-manager servers)
- All ffmpeg-dependent services restarted after upgrade
- Upload permissions restricted to trusted users if patching is delayed
Sources
- FFmpeg PixelSmash Flaw Allows RCE on Video Players, Media Servers, NAS Appliances — SecurityWeek, June 23, 2026
- FFmpeg fixes PixelSmash flaw in widely used video decoder — BleepingComputer
- PixelSmash: Critical RCE in FFmpeg — JFrog Security Research
- FFmpeg 8.1.2 Release Notes
- GBHackers: FFmpeg PixelSmash RCE Vulnerability