There is an integer overflow in dav1d when decoding an AV1 video with large width/height. The integer overflow may result in an out-of-bounds write.
2e6ee0c003e7075d02a19941dea59ff9838200ead28039478bb67d1a365c5bdc
Debian Linux Security Advisory 5686-1 - Nick Galloway discovered an integer overflow in dav1d, a fast and small AV1 video stream decoder which could result in memory corruption.
1d54a90fb87cd4c748525d19d9c51c2c51fc01f301f39ff1f96aba4e73e5a21f
Apple Security Advisory 03-25-2024-1 - Safari 17.4.1 addresses code execution and out of bounds write vulnerabilities.
f471ba7362f0f2b90319b73a7dc453ffcc58fe3527cb6cd08febf40e4748b5be
Apple Security Advisory 03-25-2024-2 - macOS Sonoma 14.4.1 addresses code execution and out of bounds write vulnerabilities.
aa1fea3125ddd9a33b68d4eb2f5f45f2cb316680beb32f3c34b1ae1698937f06
Apple Security Advisory 03-25-2024-3 - macOS Ventura 13.6.6 addresses code execution and out of bounds write vulnerabilities.
ced72f1a9374599bb4ba896407973597325dc34e5418151e9fa366065fa1f9d8
Apple Security Advisory 03-25-2024-4 - iOS 17.4.1 and iPadOS 17.4.1 addresses code execution and out of bounds write vulnerabilities.
ceab5dd799ddb939189e79021c2f1d622c446cfe144dea7adf0dbd70424e40fa
Apple Security Advisory 03-25-2024-5 - iOS 16.7.7 and iPadOS 16.7.7 addresses code execution and out of bounds write vulnerabilities.
5bc9f5a465daf6c01eafe47f409754a8dc438cf7a836b5c8c0b26ebed5c0c02d
Apple Security Advisory 03-25-2024-6 - visionOS 1.1.1 addresses code execution and out of bounds write vulnerabilities.
8c123b617f14c41dd8dc96e429bbcda84aa23f8f85b36dacd50674f85407e7b5
There is an integer overflow in dav1d when decoding an AV1 video with large width/height. The integer overflow may result in an out-of-bounds write.
258b775b05e2d4378551ee4e66e5c90a5df4e7d9ef5dc5c37abec0ba66db8a8e