Memory Corruption in dav1d AV1 Decoder Due to Integer Overflow

CVE-2024-1580

5.9 MEDIUM

Key Information

Vendor: Videolan
Status
Dav1d
Vendor
CVE Published: 19 February 2024

Badges

📈 Trended
📈 Score: 3,420
👾 Exploit Exists
📰 News Worthy

What is CVE-2024-1580?

CVE-2024-1580 is a critical vulnerability in the dav1d AV1 decoder, a software component developed by Videolan for decoding the AV1 video format. The vulnerability stems from an integer overflow that occurs when processing videos with large frame sizes. This memory corruption issue presents substantial risks to organizations that use this software, as it could allow adversaries to execute arbitrary code, disrupt service, or manipulate video streams, compromising the integrity and security of systems that rely on dav1d for media processing.

Technical Details

The vulnerability arises from an integer overflow during decoding in the dav1d AV1 decoder. Specifically, the flaw can be triggered when an unusually large video frame is decoded, leading to memory corruption and unexpected behavior. Technical investigations into this vulnerability recommend that users upgrade to versions beyond 1.4.0 of dav1d to protect against this flaw. Prior versions are susceptible to exploitation, so affected users should remediate immediately.
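The bug class described above, shown as an added example that is not dav1d's code and does not reproduce the location of the actual flaw: a buffer size derived from frame dimensions in 32-bit arithmetic wraps for large frames, while a checked computation rejects them. The function names, the 2-bytes-per-pixel figure, the 1 GiB limit, and the sample dimensions are all constructed for illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Hypothetical helper (not dav1d code): plane size computed in 32 bits.
 * Large dimensions wrap modulo 2^32, so the returned size can be far
 * smaller than the memory a decoder would later write into. */
uint32_t plane_bytes_unchecked(uint32_t width, uint32_t height,
                               uint32_t bytes_per_px)
{
    return width * height * bytes_per_px;
}

/* Hardened form: widen to 64 bits, check each step, and enforce an
 * application-chosen limit. Returns 0 and stores the size in *out on
 * success, -1 if the dimensions are zero or the size is too large. */
int plane_bytes_checked(uint32_t width, uint32_t height,
                        uint32_t bytes_per_px, size_t limit, size_t *out)
{
    uint64_t px, total;

    if (width == 0 || height == 0 || bytes_per_px == 0)
        return -1;
    px = (uint64_t)width * height;       /* < 2^64, cannot wrap */
    if (px > UINT64_MAX / bytes_per_px)  /* next multiply would wrap */
        return -1;
    total = px * bytes_per_px;
    if (total > limit)                   /* also guarantees it fits size_t */
        return -1;
    *out = (size_t)total;
    return 0;
}

int main(void)
{
    /* Constructed sample frame: 65536 x 32769 at 2 bytes per pixel. */
    uint32_t w = 65536u, h = 32769u, bpp = 2u;
    size_t limit = (size_t)1 << 30, n = 0;

    printf("true size     : %llu bytes\n",
           (unsigned long long)((uint64_t)w * h * bpp));
    printf("32-bit result : %u bytes\n", plane_bytes_unchecked(w, h, bpp));
    printf("checked       : %s\n",
           plane_bytes_checked(w, h, bpp, limit, &n) ? "rejected" : "accepted");
    return 0;
}
```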

Impact of the Vulnerability

  1. Arbitrary Code Execution: The most severe impact of CVE-2024-1580 is the potential for attackers to execute arbitrary code on affected systems. If successfully exploited, this could allow complete control over the compromised system, enabling unauthorized access to sensitive data and resources.

  2. Service Disruption: Exploiting this vulnerability could lead to service outages or crashes of applications relying on the dav1d decoder, disrupting normal operations and affecting user experience.

  3. Data Integrity Risks: The exploitation of this vulnerability poses risks to data integrity, as attackers could manipulate the video streams or data processed through the codec, leading to misinformation or compromised media content.

Affected Version(s)

dav1d < 1.4.0

News Articles

iOS 17.4.1—Apple Suddenly Reveals Fixes In New iPhone Update

Days after issuing iOS 17.4.1, Apple has finally revealed the details about fixes contained in its new iPhone update. Here's what you need to know.

9 months ago

Apple Security Bug Opens iPhone, iPad to RCE

CVE-2024-1580 allows remote attackers to execute arbitrary code on affected devices.

9 months ago

SUSE: 2024:0963-1 moderate: dav1d | LinuxSecurity.com

SUSE: 2024:0963-1 moderate: dav1d - # Security update for dav1d Announcement ID: SUSE-SU-2024:0963-1 Rating: moderate References: * bsc#

9 months ago

CVSS V3.1

Score: 5.9
Severity: MEDIUM
Confidentiality: Low
Integrity: High
Availability: Low
Attack Vector: Adjacent Network
Attack Complexity: High
Privileges Required: Low
User Interaction: None
Scope: Unchanged

Timeline

  • 📈 Vulnerability started trending

  • 👾 Exploit known to exist

  • 📰 First article discovered by SecurityWeek

  • Vulnerability published

  • Vulnerability Reserved

Collectors

NVD Database, Mitre Database, 4 News Article(s)