First published: Thu May 06 2021(Updated: )
aom_image.c in libaom in AOMedia before 2021-04-07 frees memory that is not located on the heap.
Credit: cve@mitre.org cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Aomedia Aomedia | <2021-04-07 | |
Fedoraproject Fedora | =34 | |
ubuntu/aom | <1.0.0. | 1.0.0. |
ubuntu/aom | <3.2.0-1 | 3.2.0-1 |
debian/aom | 1.0.0.errata1-3+deb11u1 3.6.0-1 3.9.1-1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2021-30473 is a vulnerability in libaom that allows an attacker to free memory that is not located on the heap, potentially leading to a crash or arbitrary code execution.
CVE-2021-30473 has a severity rating of 9.8 (Critical).
The following software versions are affected by CVE-2021-30473: Aomedia before 2021-04-07, Fedora 34, debian/aom up to version 1.0.0-3, and ubuntu/aom on focal.
An attacker can exploit CVE-2021-30473 by manipulating memory outside the allocated heap to cause a crash or execute arbitrary code.
To fix CVE-2021-30473, it is recommended to update to the latest version of the affected software or apply the provided patches from the respective vendors and maintainers.