Description
Use after free in libavif in Google Chrome prior to 120.0.6099.109 allowed a remote attacker to potentially exploit heap corruption via a crafted image file. (Chromium security severity: High)
Packages
Package | Status | Fixed version | Release | Type |
---|---|---|---|---|
chromium | fixed | 120.0.6099.109-1 | | package |
chromium | end-of-life | | buster | package |
libavif | fixed | 1.1.0-1 | | package |
libavif | not-affected | | bookworm | package |
libavif | not-affected | | bullseye | package |
Notes
https://issues.chromium.org/issues/40945359
https://github.com/AOMediaCodec/libavif/pull/1808
Introduced by: https://github.com/AOMediaCodec/libavif/commit/c17d24ad2281fee383700e0710e019758a1969ad (v1.0.0)
Fixed by: https://github.com/AOMediaCodec/libavif/commit/7845153645cfe245de5add94fb07c227c2d16402 (v1.1.0)