CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 1CVE-2023-6879 – heap buffer overflow in libaom
https://notcve.org/view.php?id=CVE-2023-6879
Increasing the resolution of video frames, while performing a multi-threaded encode, can result in a heap overflow in av1_loop_restoration_dealloc(). Aumentar la resolución de los fotogramas de vídeo, mientras se realiza una codificación multiproceso, puede provocar un desbordamiento del montón en av1_loop_restoration_dealloc(). • https://aomedia.googlesource.com/aom/+/refs/tags/v3.7.1 https://crbug.com/aomedia/3491 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AYONA2XSNFMXLAW4IHLFI5UVV3QRNG5K https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D6C2HN4T2S6GYNTAUXLH45LQZHK7QPHP • CWE-20: Improper Input Validation CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-39616
https://notcve.org/view.php?id=CVE-2023-39616
AOMedia v3.0.0 to v3.5.0 was discovered to contain an invalid read memory access via the component assign_frame_buffer_p in av1/common/av1_common_int.h. Se ha descubierto que AOMedia v3.0.0 a v3.5.0 contiene un acceso no válido a la memoria de lectura a través del componente "assign_frame_buffer_p in av1/common/av1_common_int.h. ". • https://bugs.chromium.org/p/aomedia/issues/detail?id=3372#c3 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2021-30475
https://notcve.org/view.php?id=CVE-2021-30475
aom_dsp/noise_model.c in libaom in AOMedia before 2021-03-24 has a buffer overflow. El archivo aom_dsp/noise_model.c en libaom en AOMedia versiones anteriores al 24-03-2021, presenta un desbordamiento del búfer • https://aomedia.googlesource.com/aom/+/12adc723acf02633595a4d8da8345742729f46c0 https://bugs.chromium.org/p/aomedia/issues/detail?id=2999 https://lists.debian.org/debian-lts-announce/2023/09/msg00003.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZXCI33HXH6YSOGC2LPE2REQLMIDH6US4 https://security.gentoo.org/glsa/202401-32 https://www.debian.org/security/2023/dsa-5490 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-30474
https://notcve.org/view.php?id=CVE-2021-30474
aom_dsp/grain_table.c in libaom in AOMedia before 2021-03-30 has a use-after-free. El archivo aom_dsp/grain_table.c en la función libaom en AOMedia hasta el 30-03-2021, presenta un uso de la memoria previamente liberada • https://aomedia.googlesource.com/aom/+/6e31957b6dc62dbc7d1bb70cd84902dd14c4bf2e https://bugs.chromium.org/p/aomedia/issues/detail?id=3000 https://lists.debian.org/debian-lts-announce/2023/09/msg00003.html https://security.gentoo.org/glsa/202401-32 https://www.debian.org/security/2023/dsa-5490 • CWE-416: Use After Free •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2021-30473
https://notcve.org/view.php?id=CVE-2021-30473
aom_image.c in libaom in AOMedia before 2021-04-07 frees memory that is not located on the heap. El archivo aom_image.c en libaom en AOMedia versiones anteriores al 07-04-2021, libera memoria que no se encuentra en la pila • https://aomedia.googlesource.com/aom/+/4efe20e99dcd9b6f8eadc8de8acc825be7416578 https://bugs.chromium.org/p/aomedia/issues/detail?id=2998 https://lists.debian.org/debian-lts-announce/2023/09/msg00003.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZXCI33HXH6YSOGC2LPE2REQLMIDH6US4 https://security.gentoo.org/glsa/202401-32 https://www.debian.org/security/2023/dsa-5490 • CWE-763: Release of Invalid Pointer or Reference •