Mageia 9 MGASA-2024-0220: Moderate AOM Buffer Overflow Risk
mageia
June 14, 2024
Integer overflow in libaom internal function img_alloc_helper can lead to heap buffer overflow
Summary
Integer overflow in libaom internal function img_alloc_helper can lead
to heap buffer overflow. This function can be reached via 3 callers: *
Calling aom_img_alloc() with a large value of the d_w, d_h, or align
parameter may result in integer overflows in the calculations of buffer
sizes and offsets and some fields of the returned aom_image_t struct may
be invalid. * Calling aom_img_wrap() with a large value of the d_w, d_h,
or align parameter may result in integer overflows in the calculations
of buffer sizes and offsets and some fields of the returned aom_image_t
struct may be invalid. * Calling aom_img_alloc_with_border() with a
large value of the d_w, d_h, align, size_align, or border parameter may
result in integer overflows in the calculations of buffer sizes and
offsets and some fields of the returned aom_image_t struct may be
invalid. (CVE-2024-5171)
References
- https://bugs.mageia.org/show_bug.cgi?id=33280
- https://ubuntu.com/security/notices/USN-6815-1
- https://www.cve.org/CVERecord?id=CVE-2024-5171
Topics Covered
Resolution
SRPMS
- 9/core/aom-3.6.0-1.1.mga9
PREVIOUS 
NEXT Publication date: 14 Jun 2024
URL: https://advisories.mageia.org/MGASA-2024-0220.html
Type: security
CVE: CVE-2024-5171
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!