Bug 2241191 (2023-Tweety, CVE-2023-5217) - CVE-2023-5217 libvpx: Heap buffer overflow in vp8 encoding in libvpx
Summary: CVE-2023-5217 libvpx: Heap buffer overflow in vp8 encoding in libvpx
Keywords:
Status: NEW
Alias: 2023-Tweety, CVE-2023-5217
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
high
high
Target Milestone: ---
Assignee: Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 2241257 2241258 2241259 2241194 2241195 2241260
Blocks: 2241196
TreeView+ depends on / blocked
 
Reported: 2023-09-28 14:00 UTC by Guilherme de Almeida Suckevicz
Modified: 2023-11-04 10:08 UTC (History)
5 users (show)

Fixed In Version: chromium-browser 117.0.5938.132
Doc Type: If docs needed, set a value
Doc Text:
A heap-based buffer overflow flaw was found in the way libvpx, a library used to process VP8 and VP9 video codecs data, processes certain specially formatted video data via a crafted HTML page. This flaw allows an attacker to crash or remotely execute arbitrary code in an application, such as a web browser that is compiled with this library.
Clone Of:
Environment:
Last Closed:
Embargoed:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2023:5681 0 None None None 2023-10-12 08:11:21 UTC
Red Hat Product Errata RHBA-2023:5682 0 None None None 2023-10-12 08:11:05 UTC
Red Hat Product Errata RHSA-2023:5426 0 None None None 2023-10-04 11:09:14 UTC
Red Hat Product Errata RHSA-2023:5427 0 None None None 2023-10-04 11:03:22 UTC
Red Hat Product Errata RHSA-2023:5428 0 None None None 2023-10-04 11:26:30 UTC
Red Hat Product Errata RHSA-2023:5429 0 None None None 2023-10-04 11:29:21 UTC
Red Hat Product Errata RHSA-2023:5430 0 None None None 2023-10-04 11:38:29 UTC
Red Hat Product Errata RHSA-2023:5432 0 None None None 2023-10-04 11:44:24 UTC
Red Hat Product Errata RHSA-2023:5433 0 None None None 2023-10-04 11:49:37 UTC
Red Hat Product Errata RHSA-2023:5434 0 None None None 2023-10-04 11:46:59 UTC
Red Hat Product Errata RHSA-2023:5435 0 None None None 2023-10-04 11:49:30 UTC
Red Hat Product Errata RHSA-2023:5436 0 None None None 2023-10-04 11:48:41 UTC
Red Hat Product Errata RHSA-2023:5437 0 None None None 2023-10-04 11:55:41 UTC
Red Hat Product Errata RHSA-2023:5438 0 None None None 2023-10-04 11:59:56 UTC
Red Hat Product Errata RHSA-2023:5439 0 None None None 2023-10-04 11:53:12 UTC
Red Hat Product Errata RHSA-2023:5440 0 None None None 2023-10-04 11:59:50 UTC
Red Hat Product Errata RHSA-2023:5475 0 None None None 2023-10-05 14:51:19 UTC
Red Hat Product Errata RHSA-2023:5477 0 None None None 2023-10-05 14:51:33 UTC
Red Hat Product Errata RHSA-2023:5534 0 None None None 2023-10-09 10:29:33 UTC
Red Hat Product Errata RHSA-2023:5535 0 None None None 2023-10-09 10:29:08 UTC
Red Hat Product Errata RHSA-2023:5536 0 None None None 2023-10-09 10:36:48 UTC
Red Hat Product Errata RHSA-2023:5537 0 None None None 2023-10-09 10:43:27 UTC
Red Hat Product Errata RHSA-2023:5538 0 None None None 2023-10-09 10:43:36 UTC
Red Hat Product Errata RHSA-2023:5539 0 None None None 2023-10-09 10:44:26 UTC
Red Hat Product Errata RHSA-2023:5540 0 None None None 2023-10-09 10:43:39 UTC

Description Guilherme de Almeida Suckevicz 2023-09-28 14:00:28 UTC
Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Upstream bug(s):
https://code.google.com/p/chromium/issues/detail?id=1486441

External References:
https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_27.html
https://www.mozilla.org/en-US/security/advisories/mfsa2023-44/

Comment 1 Guilherme de Almeida Suckevicz 2023-09-28 14:01:17 UTC
Created chromium tracking bugs for this issue:

Affects: epel-all [bug 2241194]
Affects: fedora-all [bug 2241195]

Comment 3 Guilherme de Almeida Suckevicz 2023-09-28 20:27:23 UTC
Created godot tracking bugs for this issue:

Affects: epel-all [bug 2241257]


Created libvpx tracking bugs for this issue:

Affects: fedora-all [bug 2241260]


Created libvpx7 tracking bugs for this issue:

Affects: fedora-all [bug 2241259]


Created qt5-qtwebengine tracking bugs for this issue:

Affects: epel-all [bug 2241258]

Comment 9 errata-xmlrpc 2023-10-04 11:03:21 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.0 Extended Update Support

Via RHSA-2023:5427 https://access.redhat.com/errata/RHSA-2023:5427

Comment 10 errata-xmlrpc 2023-10-04 11:09:13 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.2 Advanced Update Support
  Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.2 Telecommunications Update Service

Via RHSA-2023:5426 https://access.redhat.com/errata/RHSA-2023:5426

Comment 11 errata-xmlrpc 2023-10-04 11:26:29 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2023:5428 https://access.redhat.com/errata/RHSA-2023:5428

Comment 12 errata-xmlrpc 2023-10-04 11:29:20 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
  Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.4 Telecommunications Update Service

Via RHSA-2023:5429 https://access.redhat.com/errata/RHSA-2023:5429

Comment 13 errata-xmlrpc 2023-10-04 11:38:28 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.6 Extended Update Support

Via RHSA-2023:5430 https://access.redhat.com/errata/RHSA-2023:5430

Comment 14 errata-xmlrpc 2023-10-04 11:44:23 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.2 Advanced Update Support
  Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.2 Telecommunications Update Service

Via RHSA-2023:5432 https://access.redhat.com/errata/RHSA-2023:5432

Comment 15 errata-xmlrpc 2023-10-04 11:46:57 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2023:5434 https://access.redhat.com/errata/RHSA-2023:5434

Comment 16 errata-xmlrpc 2023-10-04 11:48:40 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.6 Extended Update Support

Via RHSA-2023:5436 https://access.redhat.com/errata/RHSA-2023:5436

Comment 17 errata-xmlrpc 2023-10-04 11:49:28 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2023:5435 https://access.redhat.com/errata/RHSA-2023:5435

Comment 18 errata-xmlrpc 2023-10-04 11:49:35 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2023:5433 https://access.redhat.com/errata/RHSA-2023:5433

Comment 19 errata-xmlrpc 2023-10-04 11:53:11 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.0 Extended Update Support

Via RHSA-2023:5439 https://access.redhat.com/errata/RHSA-2023:5439

Comment 20 errata-xmlrpc 2023-10-04 11:55:40 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
  Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.4 Telecommunications Update Service

Via RHSA-2023:5437 https://access.redhat.com/errata/RHSA-2023:5437

Comment 21 errata-xmlrpc 2023-10-04 11:59:48 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions

Via RHSA-2023:5440 https://access.redhat.com/errata/RHSA-2023:5440

Comment 22 errata-xmlrpc 2023-10-04 11:59:55 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions

Via RHSA-2023:5438 https://access.redhat.com/errata/RHSA-2023:5438

Comment 23 errata-xmlrpc 2023-10-05 14:51:18 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2023:5475 https://access.redhat.com/errata/RHSA-2023:5475

Comment 24 errata-xmlrpc 2023-10-05 14:51:32 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2023:5477 https://access.redhat.com/errata/RHSA-2023:5477

Comment 25 errata-xmlrpc 2023-10-09 10:29:07 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions

Via RHSA-2023:5535 https://access.redhat.com/errata/RHSA-2023:5535

Comment 26 errata-xmlrpc 2023-10-09 10:29:32 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.2 Advanced Update Support
  Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.2 Telecommunications Update Service

Via RHSA-2023:5534 https://access.redhat.com/errata/RHSA-2023:5534

Comment 27 errata-xmlrpc 2023-10-09 10:36:47 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
  Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.4 Telecommunications Update Service

Via RHSA-2023:5536 https://access.redhat.com/errata/RHSA-2023:5536

Comment 28 errata-xmlrpc 2023-10-09 10:43:26 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2023:5537 https://access.redhat.com/errata/RHSA-2023:5537

Comment 29 errata-xmlrpc 2023-10-09 10:43:34 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.6 Extended Update Support

Via RHSA-2023:5538 https://access.redhat.com/errata/RHSA-2023:5538

Comment 30 errata-xmlrpc 2023-10-09 10:43:38 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.0 Extended Update Support

Via RHSA-2023:5540 https://access.redhat.com/errata/RHSA-2023:5540

Comment 31 errata-xmlrpc 2023-10-09 10:44:24 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2023:5539 https://access.redhat.com/errata/RHSA-2023:5539

Comment 32 Ricky 2023-11-04 10:08:49 UTC Comment hidden (spam)

Note You need to log in before you can comment on or make changes to this bug.