A heap overflow vulnerability exists in libvpx - Encoding a frame that has larger dimensions than the originally configured size with VP9 may result in a heap overflow in libvpx. We recommend upgrading to version 1.13.1 or above References: https://crbug.com/webm/1642
Created libvpx tracking bugs for this issue: Affects: fedora-all [bug 2283554]
Created chromium tracking bugs for this issue: Affects: epel-all [bug 2283556] Affects: fedora-all [bug 2283558] Created libvpx7 tracking bugs for this issue: Affects: fedora-all [bug 2283559] Created libvpx8 tracking bugs for this issue: Affects: fedora-all [bug 2283560] Created obs-cef tracking bugs for this issue: Affects: fedora-all [bug 2283561] Created qt5-qtwebengine tracking bugs for this issue: Affects: epel-all [bug 2283557]
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2024:5941 https://access.redhat.com/errata/RHSA-2024:5941