Moderate: Red Hat Security Advisory: libvpx security update

An update for libvpx is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

libvpx: Integer overflow in vpx_img_alloc()

A flaw was found in libvpx. When creating images, libvpx trusts the width, height, and alignment of the user input. However, it does not properly validate the provided values. This flaw allows an attacker to craft user inputs or trick the user into opening crafted files, where these types of valu...

The vulnerability of the vpx_img_alloc() function in the libvpx video encoding/decoding library allows a perpetrator to execute arbitrary code.

The vulnerability of the vpximgalloc function in the libvpx video encoding/decoding library is related to integer overflow. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code by sending specially crafted data...

DEBIAN-CVE-2024-5197

There exists interger overflows in libvpx in versions prior to 1.14.1. Calling vpximgalloc with a large value of the dw, dh, or align parameter may result in integer overflows in the calculations of buffer sizes and offsets and some fields of the returned vpximaget struct may be invalid. Calling...