CVE-2017-11076
CVSS 3.1 Score 9.8 of 10 (high)
Details
Published Nov 26, 2024
CWE ID 823
Summary
CVE-2017-11076 is a vulnerability affecting certain hardware revisions of media decoders. The issue lies in the VP9 decoding process, where the frame size is not properly programmed into the decoder hardware. This can result in an invalid memory access by the decoder, potentially leading to crashes or even more serious security consequences. Unsecured access to decoder memory could allow an attacker to execute arbitrary code or read sensitive information. It is essential to apply the available patches or updates to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- Qualcomm Snapdragon Wear
Affected Vendors
- Qualcomm Incorporated