CVE-2024-1580

NameCVE-2024-1580
DescriptionAn integer overflow in dav1d AV1 decoder that can occur when decoding videos with large frame size. This can lead to memory corruption within the AV1 decoder. We recommend upgrading past version 1.4.0 of dav1d.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
ReferencesDSA-5686-1
Debian Bugs1064310

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
dav1d (PTS)bullseye0.7.1-3vulnerable
bullseye (security)0.7.1-3+deb11u1fixed
bookworm1.0.0-2vulnerable
bookworm (security)1.0.0-2+deb12u1fixed
sid, trixie1.4.1-1fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
dav1dsourcebullseye0.7.1-3+deb11u1DSA-5686-1
dav1dsourcebookworm1.0.0-2+deb12u1DSA-5686-1
dav1dsource(unstable)1.4.0-11064310

Notes

https://code.videolan.org/videolan/dav1d/commit/2b475307dc11be9a1c3cc4358102c76a7f386a51 (1.4.0)
https://bugs.chromium.org/p/project-zero/issues/detail?id=2502

Search for package or bug name: Reporting problems