Bug 2264938 (CVE-2024-1580) - CVE-2024-1580 videolan/dav1d: integer overflow when decoding videos with large frame size
Summary: CVE-2024-1580 videolan/dav1d: integer overflow when decoding videos with larg...
Keywords:
Status: NEW
Alias: CVE-2024-1580
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 2264939 2264940
Blocks:
TreeView+ depends on / blocked
 
Reported: 2024-02-19 18:20 UTC by Patrick Del Bello
Modified: 2024-02-19 18:20 UTC (History)
0 users

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:
Embargoed:


Attachments (Terms of Use)

Description Patrick Del Bello 2024-02-19 18:20:11 UTC
An integer overflow in dav1d AV1 decoder that can occur when decoding videos with large frame size. This can lead to memory corruption within the AV1 decoder. We recommend upgrading past version 1.4.0 of dav1d.

https://code.videolan.org/videolan/dav1d/-/blob/master/NEWS
https://code.videolan.org/videolan/dav1d/-/releases/1.4.0

Comment 1 Patrick Del Bello 2024-02-19 18:20:27 UTC
Created dav1d tracking bugs for this issue:

Affects: epel-all [bug 2264940]
Affects: fedora-all [bug 2264939]


Note You need to log in before you can comment on or make changes to this bug.