CVE-2018-12447

Name of the Vulnerable Software and Affected Versions libbpg version 0.9.8

Description The issue is related to an integer overflow in the restore tqb pixels function, located in the hevc filter.c file of libavcodec, which can lead to a heap-based buffer overflow and potentially allow remote code execution.

Recommendations For libbpg version 0.9.8, consider applying a patch that fixes the integer overflow in the restore tqb pixels function to prevent heap-based buffer overflow and remote code execution. At the moment, there is no information about a newer version that contains a fix for this vulnerability.