REDHAT-BUG-2241806
First published: Mon Oct 02 2023(Updated: )
VP9 in libvpx before 1.13.1 mishandles widths, leading to a crash related to encoding. Reference: <a href="https://github.com/advisories/GHSA-wc24-pw3j-j6vw">https://github.com/advisories/GHSA-wc24-pw3j-j6vw</a> Upstream patch: <a href="https://github.com/webmproject/libvpx/commit/263682c9a29395055f3b3afe2d97be1828a6223f">https://github.com/webmproject/libvpx/commit/263682c9a29395055f3b3afe2d97be1828a6223f</a>
| Affected Software | Affected Version | How to fix |
|---|---|---|
| WebM Project libvpx | <1.13.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://github.com/advisories/GHSA-wc24-pw3j-j6vw
- https://github.com/webmproject/libvpx/commit/263682c9a29395055f3b3afe2d97be1828a6223f
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2241807
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2241810
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2241808
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2241812
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2241811
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2241809
- https://access.redhat.com/errata/RHSA-2023:5535
- https://access.redhat.com/errata/RHSA-2023:5534
- https://access.redhat.com/errata/RHSA-2023:5536
- https://access.redhat.com/errata/RHSA-2023:5537
- https://access.redhat.com/errata/RHSA-2023:5538
- https://access.redhat.com/errata/RHSA-2023:5540
- https://access.redhat.com/errata/RHSA-2023:5539
- https://access.redhat.com/errata/RHSA-2023:6162
- https://access.redhat.com/errata/RHSA-2023:6185
- https://access.redhat.com/errata/RHSA-2023:6188
- https://access.redhat.com/errata/RHSA-2023:6186
- https://access.redhat.com/errata/RHSA-2023:6189
- https://access.redhat.com/errata/RHSA-2023:6190
- https://access.redhat.com/errata/RHSA-2023:6187
- https://access.redhat.com/errata/RHSA-2023:6192
- https://access.redhat.com/errata/RHSA-2023:6191
- https://access.redhat.com/errata/RHSA-2023:6193
- https://access.redhat.com/errata/RHSA-2023:6194
- https://access.redhat.com/errata/RHSA-2023:6197
- https://access.redhat.com/errata/RHSA-2023:6198
- https://access.redhat.com/errata/RHSA-2023:6195
- https://access.redhat.com/errata/RHSA-2023:6199
- https://access.redhat.com/errata/RHSA-2023:6196
- https://bugzilla.redhat.com/show_bug.cgi?id=2241806
Frequently Asked Questions
What is the severity of REDHAT-BUG-2241806?
The severity of REDHAT-BUG-2241806 is classified as critical due to the potential for crashes during encoding.
How do I fix REDHAT-BUG-2241806?
To fix REDHAT-BUG-2241806, update libvpx to version 1.13.1 or later.
What software is affected by REDHAT-BUG-2241806?
The affected software for REDHAT-BUG-2241806 is libvpx versions prior to 1.13.1.
What kind of vulnerability is REDHAT-BUG-2241806?
REDHAT-BUG-2241806 is a vulnerability that involves mishandling widths in VP9 leading to crashes.
Is there an upstream patch available for REDHAT-BUG-2241806?
Yes, there is an upstream patch available in the code repository for libvpx addressing REDHAT-BUG-2241806.
- agent/references
- agent/type
- agent/last-modified-date
- agent/first-publish-date
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2023-44488
- agent/severity
- agent/description
- agent/event
- agent/source
- agent/tags
- agent/softwarecombine
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/webmproject
- canonical/webm project libvpx