Описание
oc_huff_tree_unpack in huffdec.c in libtheora in Theora through 1.0 7180717 has an invalid negative left shift. NOTE: this is disputed by third parties because there is no evidence of a security impact, e.g., an application would not crash.
A flaw was found in Theora (libtheora). An incorrect bitwise shift may be triggered via specially-crafted input, potentially resulting in an application crash.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 10 | libtheora | Fix deferred | ||
| Red Hat Enterprise Linux 6 | libtheora | Out of support scope | ||
| Red Hat Enterprise Linux 7 | firefox | Out of support scope | ||
| Red Hat Enterprise Linux 7 | libtheora | Out of support scope | ||
| Red Hat Enterprise Linux 7 | thunderbird | Out of support scope | ||
| Red Hat Enterprise Linux 8 | firefox | Fix deferred | ||
| Red Hat Enterprise Linux 8 | libtheora | Fix deferred | ||
| Red Hat Enterprise Linux 8 | thunderbird | Fix deferred | ||
| Red Hat Enterprise Linux 9 | firefox | Fix deferred | ||
| Red Hat Enterprise Linux 9 | firefox:flatpak/firefox | Fix deferred |
Показывать по
Ссылки на источники
Дополнительная информация
Статус:
EPSS
3.3 Low
CVSS3
Связанные уязвимости
oc_huff_tree_unpack in huffdec.c in libtheora in Theora through 1.0 7180717 has an invalid negative left shift. NOTE: this is disputed by third parties because there is no evidence of a security impact, e.g., an application would not crash.
oc_huff_tree_unpack in huffdec.c in libtheora in Theora through 1.0 7180717 has an invalid negative left shift. NOTE: this is disputed by third parties because there is no evidence of a security impact, e.g., an application would not crash.
oc_huff_tree_unpack in huffdec.c in libtheora in Theora through 1.0 71 ...
EPSS
3.3 Low
CVSS3