Explore top 10 tips to secure your open-source projects now. Read More
×
CVE-2014-9317
The decode_ihdr_chunk function in libavcodec/pngdec.c allowed remote
attackers to cause a denial of service (out-of-bounds heap access)
and possibly had other unspecified impact via an IDAT before an IHDR
in a PNG file. The issue got addressed by checking IHDR/IDAT order.
CVE-2015-6761
The update_dimensions function in libavcodec/vp8.c in libav relies on
a coefficient-partition count during multi-threaded operation, which
allowed remote attackers to cause a denial of service (race condition
and memory corruption) or possibly have unspecified other impact via
a crafted WebM file. This issue has been resolved by using
num_coeff_partitions in thread/buffer setup. The variable is not a
constant and can lead to race conditions.
CVE-2015-6818
The decode_ihdr_chunk function in libavcodec/pngdec.c did not enforce
uniqueness of the IHDR (aka image header) chunk in a PNG image, which
Get the latest Linux and open source security news straight to your inbox.