ubuntucve | Ubuntu.com | UB:CVE-2024-5197
History: Jun 03, 2024 - 12:00 a.m.

CVE-2024-5197

integer overflow, libvpx, buffer sizes

CVSS4: 10 High
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/SC:H/VI:H/SI:H/VA:H/SA:H

AI Score: 6.4 Medium (Confidence: Low)

EPSS: 0.0004 Low (Percentile: 15.7%)

Integer overflows exist in libvpx in versions prior to 1.14.1. Calling
vpx_img_alloc() with a large value of the d_w, d_h, or align parameter may
result in integer overflows in the calculations of buffer sizes and
offsets, and some fields of the returned vpx_image_t struct may be invalid.
Calling vpx_img_wrap() with a large value of the d_w, d_h, or stride_align
parameter may result in integer overflows in the calculations of buffer
sizes and offsets, and some fields of the returned vpx_image_t struct may be
invalid. We recommend upgrading to version 1.14.1 or beyond.
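
A simplified model of the failure mode described above, added here as an illustration; it is not libvpx code and not part of the advisory. d_w, d_h and align are the advisory's parameter names, while bpp, MAX_IMAGE_BYTES and both function names are assumptions made for the example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Simplified model of an image buffer size calculation. Not libvpx code.
 * d_w, d_h and align are the advisory's parameters; bpp (bits per pixel)
 * and MAX_IMAGE_BYTES are assumptions made for this example. */
#define MAX_IMAGE_BYTES ((uint64_t)1 << 30)

/* Unchecked: 32-bit unsigned arithmetic wraps silently at each step. */
uint32_t size_unchecked(uint32_t d_w, uint32_t d_h, uint32_t align, uint32_t bpp)
{
    uint32_t w = (d_w + align - 1) & ~(align - 1); /* round up; may wrap */
    uint32_t stride = (w * bpp + 7) / 8;           /* bytes per row; may wrap */
    return stride * d_h;                           /* total bytes; may wrap */
}

/* Checked: widen to 64 bits, validate inputs, bound every intermediate.
 * Returns 0 and writes *out on success, -1 on invalid or oversized input. */
int size_checked(uint32_t d_w, uint32_t d_h, uint32_t align, uint32_t bpp, size_t *out)
{
    if (d_w == 0 || d_h == 0 || bpp == 0 || bpp > 64)
        return -1;
    if (align == 0 || (align & (align - 1)) != 0)  /* must be a power of two */
        return -1;
    uint64_t w = ((uint64_t)d_w + align - 1) & ~((uint64_t)align - 1);
    uint64_t stride = (w * bpp + 7) / 8;           /* below 2^37, cannot wrap */
    if (stride > INT32_MAX)                        /* keep stride within a signed 32-bit int */
        return -1;
    uint64_t total = stride * d_h;                 /* below 2^63, cannot wrap */
    if (total > MAX_IMAGE_BYTES)
        return -1;
    *out = (size_t)total;
    return 0;
}

int main(void)
{
    size_t n = 0;
    /* Constructed inputs: 65536 x 65536 at 8 bpp needs 2^32 bytes. */
    printf("unchecked: %u\n", (unsigned)size_unchecked(0x10000u, 0x10000u, 1, 8));
    printf("checked:   %d\n", size_checked(0x10000u, 0x10000u, 1, 8, &n));
    return 0;
}
```

The unchecked version reports a size of 0 for dimensions that need 4 GiB, which is how a too-small buffer and inconsistent struct fields can result; the checked version rejects the same input.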

Bugs

Notes

| Author | Note |
|---|---|
| mdeslaur | This also affects the aom package with CVE-2024-5171 |

| OS | OS Version | Architecture | Package | Package Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 18.04 | noarch | libvpx | < any | UNKNOWN |
| ubuntu | 20.04 | noarch | libvpx | < 1.8.2-1ubuntu0.3 | UNKNOWN |
| ubuntu | 22.04 | noarch | libvpx | < 1.11.0-2ubuntu2.3 | UNKNOWN |
| ubuntu | 23.10 | noarch | libvpx | < 1.12.0-1ubuntu2.1 | UNKNOWN |
| ubuntu | 24.04 | noarch | libvpx | < 1.14.0-1ubuntu2.1 | UNKNOWN |
| ubuntu | 14.04 | noarch | libvpx | < any | UNKNOWN |
| ubuntu | 16.04 | noarch | libvpx | < any | UNKNOWN |