Description
Increasing the resolution of video frames, while performing a multi-threaded encode, can result in a heap overflow in av1_loop_restoration_dealloc().
A heap-based buffer overflow vulnerability was found in AOM. When increasing the resolution of video frames during a multi-threaded encode, a heap overflow may occur in av1_loop_restoration_dealloc() within thread_common.c, leading to a denial of service or unauthorized reading of memory.
Report
The AOM heap-based buffer overflow vulnerability, triggered when increasing video frame resolution during a multi-threaded encode, is considered moderate. Limited conditions for exploitation and constrained impacts, such as potential denial of service and unauthorized memory reading, contribute to this classification. The issue is not universally exploitable, requiring specific circumstances, and does not immediately lead to widespread system compromise. Mozilla Firefox & Thunderbird don't have any AV1 encode paths currently, so Red Hat Enterprise Linux 7, 8 & 9 are not affected.
Mitigation
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Affected packages
Platform | Package | State | Recommendation | Release |
---|---|---|---|---|
Red Hat Enterprise Linux 7 | firefox | Not affected | | |
Red Hat Enterprise Linux 7 | thunderbird | Not affected | | |
Red Hat Enterprise Linux 8 | firefox | Not affected | | |
Red Hat Enterprise Linux 8 | firefox:flatpak/firefox | Not affected | | |
Red Hat Enterprise Linux 8 | thunderbird | Not affected | | |
Red Hat Enterprise Linux 8 | thunderbird:flatpak/thunderbird | Not affected | | |
Red Hat Enterprise Linux 9 | firefox | Not affected | | |
Red Hat Enterprise Linux 9 | firefox:flatpak/firefox | Not affected | | |
Red Hat Enterprise Linux 9 | thunderbird | Not affected | | |
Red Hat Enterprise Linux 9 | thunderbird:flatpak/thunderbird | Not affected | | |
Additional information
Status:
9.8 Critical
CVSS3