CVE-2023-6879
CVSS 3.1 Score 9.8 of 10 (high)
Details
Published Dec 27, 2023
Updated: Feb 2, 2024
CWE ID 787
CWE ID 20
Summary
CVE-2023-6879 is a newly discovered vulnerability affecting the AOM-AV1 video codec. The issue arises during multi-threaded encode operations when increasing the resolution of video frames. This can result in a heap overflow in the av1_loop_restoration_dealloc() function, potentially leading to arbitrary code execution and security breaches. Exploitation of this vulnerability could allow an attacker to gain control over an affected system or network. Organizations are advised to apply patches or updates as soon as they become available to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- Fedora Operating System
Affected Vendors
- Fedora Project