Home

Description

A flaw was found in libtheora. This heap-based out-of-bounds read vulnerability exists within the AVI (Audio Video Interleave) parser, specifically in the avi_parse_input_file() function. A local attacker could exploit this by tricking a user into opening a specially crafted AVI file containing a truncated header sub-chunk. This could lead to a denial-of-service (application crash) or potentially leak sensitive information from the heap.

PUBLISHED Reserved 2026-04-06 | Published 2026-04-06 | Updated 2026-05-01 | Assigner redhat




MEDIUM: 5.6CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:H

Problem types

Out-of-bounds Read

Product status

Default status
affected

Default status
affected

Default status
affected

Default status
affected

Default status
affected

Timeline

2026-04-06:Reported to Red Hat.
2026-04-06:Made public.

Credits

Red Hat would like to thank ChenZhengzhe (HangZhouDianZi University) for reporting this issue.

References

access.redhat.com/security/cve/CVE-2026-5673 vdb-entry

bugzilla.redhat.com/show_bug.cgi?id=2455340 (RHBZ#2455340) issue-tracking

github.com/xiph/theora/issues/24

cve.org (CVE-2026-5673)

nvd.nist.gov (CVE-2026-5673)

Download JSON