Recent CVE
Browse CVE per vendor
Browse CWEs
About
CVE-Search
CVE-2024-1580
ID
CVE-2024-1580
Summary
An integer overflow in dav1d AV1 decoder that can occur when decoding videos with large frame size. This can lead to memory corruption within the AV1 decoder. We recommend upgrading past version 1.4.0 of dav1d.
References
https://code.videolan.org/videolan/dav1d/-/releases/1.4.0
https://code.videolan.org/videolan/dav1d/-/blob/master/NEWS
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5EPMUNDMEBGESOJ2ZNCWYEAYOOEKNWOO/
https://support.apple.com/kb/HT214098
https://support.apple.com/kb/HT214097
https://support.apple.com/kb/HT214095
https://support.apple.com/kb/HT214093
https://support.apple.com/kb/HT214096
https://support.apple.com/kb/HT214094
http://seclists.org/fulldisclosure/2024/Mar/41
http://seclists.org/fulldisclosure/2024/Mar/36
http://seclists.org/fulldisclosure/2024/Mar/38
http://seclists.org/fulldisclosure/2024/Mar/37
http://seclists.org/fulldisclosure/2024/Mar/40
http://seclists.org/fulldisclosure/2024/Mar/39
Vulnerable Configurations
CVSS
Base:
None
Impact:
Exploitability:
Access
Vector
Complexity
Authentication
Impact
Confidentiality
Integrity
Availability
Last major update
27-03-2024 - 18:15
Published
19-02-2024 - 11:15
Last modified
27-03-2024 - 18:15
Back to Top