Bug 2241191 (2023-Tweety, CVE-2023-5217)

Summary: CVE-2023-5217 libvpx: Heap buffer overflow in vp8 encoding in libvpx
Product: [Other] Security Response Reporter: Guilherme de Almeida Suckevicz <gsuckevi>
Component: vulnerabilityAssignee: Product Security <prodsec-ir-bot>
Status: NEW --- QA Contact:
Severity: high Docs Contact:
Priority: high    
Version: unspecifiedCC: jwest, murtaza.8060, saroy, tpopela, ymittal
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: chromium-browser 117.0.5938.132 Doc Type: If docs needed, set a value
Doc Text:
A heap-based buffer overflow flaw was found in the way libvpx, a library used to process VP8 and VP9 video codecs data, processes certain specially formatted video data via a crafted HTML page. This flaw allows an attacker to crash or remotely execute arbitrary code in an application, such as a web browser that is compiled with this library.
 Story Points: ---
Clone Of: Environment:
Last Closed: Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 2241257, 2241258, 2241194, 2241195, 2241259, 2241260    
Bug Blocks: 2241196    

Description Guilherme de Almeida Suckevicz 2023-09-28 14:00:28 UTC 
Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Upstream bug(s):
https://code.google.com/p/chromium/issues/detail?id=1486441

External References:
https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_27.html
https://www.mozilla.org/en-US/security/advisories/mfsa2023-44/
Comment 1 Guilherme de Almeida Suckevicz 2023-09-28 14:01:17 UTC 
Created chromium tracking bugs for this issue:

Affects: epel-all [bug 2241194]
Affects: fedora-all [bug 2241195]
Comment 3 Guilherme de Almeida Suckevicz 2023-09-28 20:27:23 UTC 
Created godot tracking bugs for this issue:

Affects: epel-all [bug 2241257]


Created libvpx tracking bugs for this issue:

Affects: fedora-all [bug 2241260]


Created libvpx7 tracking bugs for this issue:

Affects: fedora-all [bug 2241259]


Created qt5-qtwebengine tracking bugs for this issue:

Affects: epel-all [bug 2241258]
Comment 5 Sandipan Roy 2023-09-29 05:47:07 UTC 
Fixed by (libvpx): https://github.com/webmproject/libvpx/commit/af6dedd715f4307669366944cca6e0417b290282
Fixed by (libvpx): https://github.com/webmproject/libvpx/commit/3fbd1dca6a4d2dad332a2110d646e4ffef36d590
https://hg.mozilla.org/mozilla-central/rev/c53f5ef77b62b79af86951a7f9130e1896b695d2
Comment 9 errata-xmlrpc 2023-10-04 11:03:21 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.0 Extended Update Support

Via RHSA-2023:5427 https://access.redhat.com/errata/RHSA-2023:5427
Comment 10 errata-xmlrpc 2023-10-04 11:09:13 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.2 Advanced Update Support
  Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.2 Telecommunications Update Service

Via RHSA-2023:5426 https://access.redhat.com/errata/RHSA-2023:5426
Comment 11 errata-xmlrpc 2023-10-04 11:26:29 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2023:5428 https://access.redhat.com/errata/RHSA-2023:5428
Comment 12 errata-xmlrpc 2023-10-04 11:29:20 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
  Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.4 Telecommunications Update Service

Via RHSA-2023:5429 https://access.redhat.com/errata/RHSA-2023:5429
Comment 13 errata-xmlrpc 2023-10-04 11:38:28 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.6 Extended Update Support

Via RHSA-2023:5430 https://access.redhat.com/errata/RHSA-2023:5430
Comment 14 errata-xmlrpc 2023-10-04 11:44:23 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.2 Advanced Update Support
  Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.2 Telecommunications Update Service

Via RHSA-2023:5432 https://access.redhat.com/errata/RHSA-2023:5432
Comment 15 errata-xmlrpc 2023-10-04 11:46:57 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2023:5434 https://access.redhat.com/errata/RHSA-2023:5434
Comment 16 errata-xmlrpc 2023-10-04 11:48:40 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.6 Extended Update Support

Via RHSA-2023:5436 https://access.redhat.com/errata/RHSA-2023:5436
Comment 17 errata-xmlrpc 2023-10-04 11:49:28 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2023:5435 https://access.redhat.com/errata/RHSA-2023:5435
Comment 18 errata-xmlrpc 2023-10-04 11:49:35 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2023:5433 https://access.redhat.com/errata/RHSA-2023:5433
Comment 19 errata-xmlrpc 2023-10-04 11:53:11 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.0 Extended Update Support

Via RHSA-2023:5439 https://access.redhat.com/errata/RHSA-2023:5439
Comment 20 errata-xmlrpc 2023-10-04 11:55:40 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
  Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.4 Telecommunications Update Service

Via RHSA-2023:5437 https://access.redhat.com/errata/RHSA-2023:5437
Comment 21 errata-xmlrpc 2023-10-04 11:59:48 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions

Via RHSA-2023:5440 https://access.redhat.com/errata/RHSA-2023:5440
Comment 22 errata-xmlrpc 2023-10-04 11:59:55 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions

Via RHSA-2023:5438 https://access.redhat.com/errata/RHSA-2023:5438
Comment 23 errata-xmlrpc 2023-10-05 14:51:18 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2023:5475 https://access.redhat.com/errata/RHSA-2023:5475
Comment 24 errata-xmlrpc 2023-10-05 14:51:32 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2023:5477 https://access.redhat.com/errata/RHSA-2023:5477
Comment 25 errata-xmlrpc 2023-10-09 10:29:07 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions

Via RHSA-2023:5535 https://access.redhat.com/errata/RHSA-2023:5535
Comment 26 errata-xmlrpc 2023-10-09 10:29:32 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.2 Advanced Update Support
  Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.2 Telecommunications Update Service

Via RHSA-2023:5534 https://access.redhat.com/errata/RHSA-2023:5534
Comment 27 errata-xmlrpc 2023-10-09 10:36:47 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
  Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.4 Telecommunications Update Service

Via RHSA-2023:5536 https://access.redhat.com/errata/RHSA-2023:5536
Comment 28 errata-xmlrpc 2023-10-09 10:43:26 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2023:5537 https://access.redhat.com/errata/RHSA-2023:5537
Comment 29 errata-xmlrpc 2023-10-09 10:43:34 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.6 Extended Update Support

Via RHSA-2023:5538 https://access.redhat.com/errata/RHSA-2023:5538
Comment 30 errata-xmlrpc 2023-10-09 10:43:38 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.0 Extended Update Support

Via RHSA-2023:5540 https://access.redhat.com/errata/RHSA-2023:5540
Comment 31 errata-xmlrpc 2023-10-09 10:44:24 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2023:5539 https://access.redhat.com/errata/RHSA-2023:5539
Comment 32 Ricky 2023-11-04 10:08:49 UTC Comment hidden (spam)