Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2024-1580HistoryFeb 19, 2024 - 11:15 a.m.
CVE-2024-1580
2024-02-1911:15:08
Debian Security Bug Tracker
security-tracker.debian.org
10
integer overflow
dav1d
av1 decoder
upgrade
memory corruption
video decoding
frame size
memory security
unix
5.9 Medium
CVSS3
Attack Vector
ADJACENT
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
HIGH
Availability Impact
LOW
CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:L
0.0005 Low
EPSS
Percentile
17.2%
An integer overflow in dav1d AV1 decoder that can occur when decoding videos with large frame size. This can lead to memory corruption within the AV1 decoder. We recommend upgrading past version 1.4.0 of dav1d.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | dav1d | < 1.0.0-2+deb12u1 | dav1d_1.0.0-2+deb12u1_all.deb |
| Debian | 11 | all | dav1d | < 0.7.1-3+deb11u1 | dav1d_0.7.1-3+deb11u1_all.deb |
| Debian | 999 | all | dav1d | < 1.4.0-1 | dav1d_1.4.0-1_all.deb |
| Debian | 13 | all | dav1d | < 1.4.0-1 | dav1d_1.4.0-1_all.deb |
Related
mageia
mageia
Updated dav1d packages fix security vulnerability
2024-04-06 01:26:33
nessus
nessus
macOS 13.x < 13.6.6 Multiple Vulnerabilities (HT214095)
2024-03-25 00:00:00
Fedora 40 : dav1d (2024-12fcc689ac)
2024-04-29 00:00:00
fedora
fedora
[SECURITY] Fedora 40 Update: dav1d-1.4.0-1.fc40
2024-03-23 00:45:13
apple
apple
About the security content of iOS 17.4.1 and iPadOS 17.4.1
2024-03-21 00:00:00
About the security content of visionOS 1.1.1
2024-03-21 00:00:00
About the security content of macOS Ventura 13.6.6
2024-03-25 00:00:00
veracode
veracode
Integer Overflow
2024-02-22 03:54:52
osv
osv
CVE-2024-1580
2024-02-19 11:15:08
libdav1d-sys affected by dav1d AV1 decoder integer overflow
2024-04-05 15:42:39
dav1d AV1 decoder integer overflow
2024-02-19 12:00:00
openvas
openvas
Apple Safari Security Update (HT214094)
2024-03-28 00:00:00
Apple Mac OS X Security Update (HT214095)
2024-03-28 00:00:00
Mageia: Security Advisory (MGASA-2024-0111)
2024-04-09 00:00:00
debian
debian
[SECURITY] [DSA 5686-1] dav1d security update
2024-05-09 14:47:00
cvelist
cvelist
CVE-2024-1580 Integer overflow in VideoLAN dav1d
2024-02-19 10:34:55
alpinelinux
alpinelinux
CVE-2024-1580
2024-02-19 11:15:08
ubuntucve
ubuntucve
CVE-2024-1580
2024-02-19 00:00:00
cve
cve
CVE-2024-1580
2024-02-19 11:15:08
prion
prion
Integer overflow
2024-02-19 11:15:00
nvd
nvd
CVE-2024-1580
2024-02-19 11:15:08
freebsd
freebsd
electron{27,28,29} -- multiple vulnerabilities
2024-04-16 00:00:00
5.9 Medium
CVSS3
Attack Vector
ADJACENT
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
HIGH
Availability Impact
LOW
CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:L
0.0005 Low
EPSS
Percentile
17.2%
Related for DEBIANCVE:CVE-2024-1580