CVE-2024-1580

high

Description

An integer overflow in dav1d AV1 decoder that can occur when decoding videos with large frame size. This can lead to memory corruption within the AV1 decoder. We recommend upgrading past version 1.4.0 of dav1d.

References

https://support.apple.com/kb/HT214098

https://support.apple.com/kb/HT214097

https://support.apple.com/kb/HT214096

https://support.apple.com/kb/HT214095

https://support.apple.com/kb/HT214094

https://support.apple.com/kb/HT214093

https://www.darkreading.com/endpoint-security/apple-security-bug-opens-iphone-ipad-rce

https://lists.fedoraproject.org/archives/list/[email protected]/message/5EPMUNDMEBGESOJ2ZNCWYEAYOOEKNWOO/

https://code.videolan.org/videolan/dav1d/-/releases/1.4.0

https://code.videolan.org/videolan/dav1d/-/blob/master/NEWS

http://seclists.org/fulldisclosure/2024/Mar/41

http://seclists.org/fulldisclosure/2024/Mar/40

http://seclists.org/fulldisclosure/2024/Mar/39

http://seclists.org/fulldisclosure/2024/Mar/38

http://seclists.org/fulldisclosure/2024/Mar/37

http://seclists.org/fulldisclosure/2024/Mar/36

Details

Source: Mitre, NVD

Published: 2024-02-19

Updated: 2025-02-13

Risk Information

CVSS v2

Base Score: 9

Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H