CVE-2024-5171 | THREATINT

Description

Integer overflow in libaom internal function img_alloc_helper can lead to heap buffer overflow. This function can be reached via 3 callers: * Calling aom_img_alloc() with a large value of the d_w, d_h, or align parameter may result in integer overflows in the calculations of buffer sizes and offsets and some fields of the returned aom_image_t struct may be invalid. * Calling aom_img_wrap() with a large value of the d_w, d_h, or align parameter may result in integer overflows in the calculations of buffer sizes and offsets and some fields of the returned aom_image_t struct may be invalid. * Calling aom_img_alloc_with_border() with a large value of the d_w, d_h, align, size_align, or border parameter may result in integer overflows in the calculations of buffer sizes and offsets and some fields of the returned aom_image_t struct may be invalid.

PUBLISHED Reserved 2024-05-21 | Published 2024-06-05 | Updated 2025-02-13 | Assigner Google

CRITICAL: 10.0CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

Problem types

CWE-20 Improper Input Validation

Product status

Default status

unaffected

1.0.0 (custom) before 3.9.0

affected

References

issues.chromium.org/issues/332382766

lists.fedoraproject.org/...6HYUEHZ35ZPY2EONVZCGO6LPT3AMLZCP/

lists.fedoraproject.org/...U5NRNCEYS246CYGOR32MF7OGKWOWER22/

cve.org (CVE-2024-5171)

nvd.nist.gov (CVE-2024-5171)

Download JSON