Advisories » MGASA-2024-0111

Updated dav1d packages fix security vulnerability

Publication date: 05 Apr 2024
Modification date: 05 Apr 2024
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-1580

Description

An integer overflow in dav1d AV1 decoder that can occur when decoding
videos with large frame size. This can lead to memory corruption within
the AV1 decoder. (CVE-2024-1580)
                

References

• https://bugs.mageia.org/show_bug.cgi?id=33014
• https://lwn.net/Articles/966589/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1580

SRPMS

9/core

• dav1d-1.2.1-1.1.mga9