CVE-2017-11076

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Nov 26, 2024
CWE ID 823

Summary

CVE-2017-11076 is a vulnerability affecting certain hardware revisions of media decoders. The issue lies in the VP9 decoding process, where the frame size is not properly programmed into the decoder hardware. This can result in an invalid memory access by the decoder, potentially leading to crashes or even more serious security consequences. Unsecured access to decoder memory could allow an attacker to execute arbitrary code or read sensitive information. It is essential to apply the available patches or updates to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Qualcomm Snapdragon Wear

Affected Vendors

  • Qualcomm Incorporated