Bug 2241191 (2023-Tweety, CVE-2023-5217) - CVE-2023-5217 libvpx: Heap buffer overflow in vp8 encoding in libvpx
Summary: CVE-2023-5217 libvpx: Heap buffer overflow in vp8 encoding in libvpx
Keywords:
Status: NEW
Alias: 2023-Tweety, CVE-2023-5217
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
high
high
Target Milestone: ---
Assignee: Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 2241257 2241258 2241194 2241195 2241259 2241260
Blocks: 2241196
TreeView+ depends on / blocked
 
Reported: 2023-09-28 14:00 UTC by Guilherme de Almeida Suckevicz
Modified: 2023-11-04 10:08 UTC (History)
5 users (show)

Fixed In Version: chromium-browser 117.0.5938.132
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2023:5681 0 None None None 2023-10-12 08:11:21 UTC
Red Hat Product Errata RHBA-2023:5682 0 None None None 2023-10-12 08:11:05 UTC
Red Hat Product Errata RHSA-2023:5426 0 None None None 2023-10-04 11:09:14 UTC
Red Hat Product Errata RHSA-2023:5427 0 None None None 2023-10-04 11:03:22 UTC
Red Hat Product Errata RHSA-2023:5428 0 None None None 2023-10-04 11:26:30 UTC
Red Hat Product Errata RHSA-2023:5429 0 None None None 2023-10-04 11:29:21 UTC
Red Hat Product Errata RHSA-2023:5430 0 None None None 2023-10-04 11:38:29 UTC
Red Hat Product Errata RHSA-2023:5432 0 None None None 2023-10-04 11:44:24 UTC
Red Hat Product Errata RHSA-2023:5433 0 None None None 2023-10-04 11:49:37 UTC
Red Hat Product Errata RHSA-2023:5434 0 None None None 2023-10-04 11:46:59 UTC
Red Hat Product Errata RHSA-2023:5435 0 None None None 2023-10-04 11:49:30 UTC
Red Hat Product Errata RHSA-2023:5436 0 None None None 2023-10-04 11:48:41 UTC
Red Hat Product Errata RHSA-2023:5437 0 None None None 2023-10-04 11:55:41 UTC
Red Hat Product Errata RHSA-2023:5438 0 None None None 2023-10-04 11:59:56 UTC
Red Hat Product Errata RHSA-2023:5439 0 None None None 2023-10-04 11:53:12 UTC
Red Hat Product Errata RHSA-2023:5440 0 None None None 2023-10-04 11:59:50 UTC
Red Hat Product Errata RHSA-2023:5475 0 None None None 2023-10-05 14:51:19 UTC
Red Hat Product Errata RHSA-2023:5477 0 None None None 2023-10-05 14:51:33 UTC
Red Hat Product Errata RHSA-2023:5534 0 None None None 2023-10-09 10:29:33 UTC
Red Hat Product Errata RHSA-2023:5535 0 None None None 2023-10-09 10:29:08 UTC
Red Hat Product Errata RHSA-2023:5536 0 None None None 2023-10-09 10:36:48 UTC
Red Hat Product Errata RHSA-2023:5537 0 None None None 2023-10-09 10:43:27 UTC
Red Hat Product Errata RHSA-2023:5538 0 None None None 2023-10-09 10:43:36 UTC
Red Hat Product Errata RHSA-2023:5539 0 None None None 2023-10-09 10:44:26 UTC
Red Hat Product Errata RHSA-2023:5540 0 None None None 2023-10-09 10:43:39 UTC

Description Guilherme de Almeida Suckevicz 2023-09-28 14:00:28 UTC 
Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Upstream bug(s):
https://code.google.com/p/chromium/issues/detail?id=1486441

External References:
https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_27.html
https://www.mozilla.org/en-US/security/advisories/mfsa2023-44/
Comment 1 Guilherme de Almeida Suckevicz 2023-09-28 14:01:17 UTC 
Created chromium tracking bugs for this issue:

Affects: epel-all [bug 2241194]
Affects: fedora-all [bug 2241195]
Comment 3 Guilherme de Almeida Suckevicz 2023-09-28 20:27:23 UTC 
Created godot tracking bugs for this issue:

Affects: epel-all [bug 2241257]


Created libvpx tracking bugs for this issue:

Affects: fedora-all [bug 2241260]


Created libvpx7 tracking bugs for this issue:

Affects: fedora-all [bug 2241259]


Created qt5-qtwebengine tracking bugs for this issue:

Affects: epel-all [bug 2241258]
Comment 5 Sandipan Roy 2023-09-29 05:47:07 UTC 
Fixed by (libvpx): https://github.com/webmproject/libvpx/commit/af6dedd715f4307669366944cca6e0417b290282
Fixed by (libvpx): https://github.com/webmproject/libvpx/commit/3fbd1dca6a4d2dad332a2110d646e4ffef36d590
https://hg.mozilla.org/mozilla-central/rev/c53f5ef77b62b79af86951a7f9130e1896b695d2
Comment 9 errata-xmlrpc 2023-10-04 11:03:21 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.0 Extended Update Support

Via RHSA-2023:5427 https://access.redhat.com/errata/RHSA-2023:5427
Comment 10 errata-xmlrpc 2023-10-04 11:09:13 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.2 Advanced Update Support
  Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.2 Telecommunications Update Service

Via RHSA-2023:5426 https://access.redhat.com/errata/RHSA-2023:5426
Comment 11 errata-xmlrpc 2023-10-04 11:26:29 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2023:5428 https://access.redhat.com/errata/RHSA-2023:5428
Comment 12 errata-xmlrpc 2023-10-04 11:29:20 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
  Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.4 Telecommunications Update Service

Via RHSA-2023:5429 https://access.redhat.com/errata/RHSA-2023:5429
Comment 13 errata-xmlrpc 2023-10-04 11:38:28 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.6 Extended Update Support

Via RHSA-2023:5430 https://access.redhat.com/errata/RHSA-2023:5430
Comment 14 errata-xmlrpc 2023-10-04 11:44:23 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.2 Advanced Update Support
  Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.2 Telecommunications Update Service

Via RHSA-2023:5432 https://access.redhat.com/errata/RHSA-2023:5432
Comment 15 errata-xmlrpc 2023-10-04 11:46:57 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2023:5434 https://access.redhat.com/errata/RHSA-2023:5434
Comment 16 errata-xmlrpc 2023-10-04 11:48:40 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.6 Extended Update Support

Via RHSA-2023:5436 https://access.redhat.com/errata/RHSA-2023:5436
Comment 17 errata-xmlrpc 2023-10-04 11:49:28 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2023:5435 https://access.redhat.com/errata/RHSA-2023:5435
Comment 18 errata-xmlrpc 2023-10-04 11:49:35 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2023:5433 https://access.redhat.com/errata/RHSA-2023:5433
Comment 19 errata-xmlrpc 2023-10-04 11:53:11 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.0 Extended Update Support

Via RHSA-2023:5439 https://access.redhat.com/errata/RHSA-2023:5439
Comment 20 errata-xmlrpc 2023-10-04 11:55:40 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
  Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.4 Telecommunications Update Service

Via RHSA-2023:5437 https://access.redhat.com/errata/RHSA-2023:5437
Comment 21 errata-xmlrpc 2023-10-04 11:59:48 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions

Via RHSA-2023:5440 https://access.redhat.com/errata/RHSA-2023:5440
Comment 22 errata-xmlrpc 2023-10-04 11:59:55 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions

Via RHSA-2023:5438 https://access.redhat.com/errata/RHSA-2023:5438
Comment 23 errata-xmlrpc 2023-10-05 14:51:18 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2023:5475 https://access.redhat.com/errata/RHSA-2023:5475
Comment 24 errata-xmlrpc 2023-10-05 14:51:32 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2023:5477 https://access.redhat.com/errata/RHSA-2023:5477
Comment 25 errata-xmlrpc 2023-10-09 10:29:07 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions

Via RHSA-2023:5535 https://access.redhat.com/errata/RHSA-2023:5535
Comment 26 errata-xmlrpc 2023-10-09 10:29:32 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.2 Advanced Update Support
  Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.2 Telecommunications Update Service

Via RHSA-2023:5534 https://access.redhat.com/errata/RHSA-2023:5534
Comment 27 errata-xmlrpc 2023-10-09 10:36:47 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
  Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.4 Telecommunications Update Service

Via RHSA-2023:5536 https://access.redhat.com/errata/RHSA-2023:5536
Comment 28 errata-xmlrpc 2023-10-09 10:43:26 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2023:5537 https://access.redhat.com/errata/RHSA-2023:5537
Comment 29 errata-xmlrpc 2023-10-09 10:43:34 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.6 Extended Update Support

Via RHSA-2023:5538 https://access.redhat.com/errata/RHSA-2023:5538
Comment 30 errata-xmlrpc 2023-10-09 10:43:38 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.0 Extended Update Support

Via RHSA-2023:5540 https://access.redhat.com/errata/RHSA-2023:5540
Comment 31 errata-xmlrpc 2023-10-09 10:44:24 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2023:5539 https://access.redhat.com/errata/RHSA-2023:5539
Comment 32 Ricky 2023-11-04 10:08:49 UTC Comment hidden (spam)
Note You need to log in before you can comment on or make changes to this bug.