REDHAT-BUG-2241806
Published Oct 2, 2023
·Updated
VP9 in libvpx before 1.13.1 mishandles widths, leading to a crash related to encoding. Reference: https://github.com/advisories/GHSA-wc24-pw3j-j6vw Upstream patch: https://github.com/webmproject/libvpx/commit/263682c9a29395055f3b3afe2d97be1828a6223f
Affected Software
1 affected component
webmproject libvpx<1.13.1
Event History
Oct 2, 2023
Data Sourced
via Red Hat·08:06 PM
DescriptionSeverityAffected Software
Frequently Asked Questions
1
What is the severity of REDHAT-BUG-2241806?
The severity of REDHAT-BUG-2241806 is classified as critical due to the potential for crashes during encoding.
2
How do I fix REDHAT-BUG-2241806?
To fix REDHAT-BUG-2241806, update libvpx to version 1.13.1 or later.
3
What software is affected by REDHAT-BUG-2241806?
The affected software for REDHAT-BUG-2241806 is libvpx versions prior to 1.13.1.
4
What kind of vulnerability is REDHAT-BUG-2241806?
REDHAT-BUG-2241806 is a vulnerability that involves mishandling widths in VP9 leading to crashes.
5
Is there an upstream patch available for REDHAT-BUG-2241806?
Yes, there is an upstream patch available in the code repository for libvpx addressing REDHAT-BUG-2241806.