Ittiam libmpeg2 before 2022-07-27 uses memcpy with overlapping memory blocks in impeg2_mc_fullx_fully_8x8. https://issuetracker.google.com/issues/231026247 https://android-review.googlesource.com/c/platform/external/libmpeg2/+/2132593
Created libmpeg2 tracking bugs for this issue: Affects: epel-all [bug 2117464] Affects: fedora-all [bug 2117465]
This CVE is for Android's libmpeg2, which is a completely different code base than the old standalone library by the same name.
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2022-37416