PT-2018-5227 · FFmpeg+2 · Ffmpeg+3

Jan Ruge · Published 2017-02-09 · Updated 2019-03-31 · CVE-2017-1000460

CVSS v3.1: 6.5 (Medium)

Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions

libav version 13 dev0
ffmpeg version n3.4
chromium versions prior to 56 (before Feb 13, 2017)

Description

The return value of init_get_bits is ignored, so get_ue_golomb(&gb) is called on an uninitialized get_bits context. This results in a NULL dereference exception.

Recommendations

For libav version 13 dev0, ensure the get_bits context is properly initialized before calling get_ue_golomb(&gb).
For ffmpeg version n3.4, check the return value of init_get_bits so that get_ue_golomb(&gb) is never called on an uninitialized context.
For chromium versions prior to 56 (before Feb 13, 2017), update to a version released after Feb 13, 2017, to ensure the issue is resolved.
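The check the recommendations call for, as an added example that is not FFmpeg, libav or Chromium code: a toy bit reader whose initializer can fail, and a caller that propagates that failure before any Exp-Golomb read. BitReader, br_init, br_bit, br_ue_golomb and parse_first_ue are hypothetical names, and the assumption that a failed init leaves the context untouched is this sketch's own.

```c
#include <stddef.h>
#include <stdint.h>

/* Toy bit reader (hypothetical; not FFmpeg's GetBitContext). */
typedef struct { const uint8_t *buf; size_t size_bits, pos; } BitReader;

/* Returns 0 on success, -1 on invalid input. On failure the reader is left
 * untouched (assumption of this sketch), so its fields stay indeterminate. */
static int br_init(BitReader *br, const uint8_t *buf, size_t size_bytes) {
    if (!buf || size_bytes == 0 || size_bytes > SIZE_MAX / 8)
        return -1;
    br->buf = buf;
    br->size_bits = size_bytes * 8;
    br->pos = 0;
    return 0;
}

/* Read one bit MSB-first; fails at end of input instead of over-reading. */
static int br_bit(BitReader *br, unsigned *bit) {
    if (br->pos >= br->size_bits) return -1;
    *bit = (br->buf[br->pos >> 3] >> (7 - (br->pos & 7))) & 1u;
    br->pos++;
    return 0;
}

/* Unsigned Exp-Golomb: n zero bits, a one bit, then n suffix bits;
 * value = 2^n - 1 + suffix. */
static int br_ue_golomb(BitReader *br, uint32_t *out) {
    unsigned bit = 0, zeros = 0;
    uint32_t suffix = 0;
    for (;;) {
        if (br_bit(br, &bit) < 0) return -1;   /* truncated prefix */
        if (bit) break;
        if (++zeros > 31) return -1;           /* prefix too long for 32 bits */
    }
    for (unsigned i = 0; i < zeros; i++) {
        if (br_bit(br, &bit) < 0) return -1;   /* truncated suffix */
        suffix = (suffix << 1) | bit;
    }
    *out = ((uint32_t)1 << zeros) - 1 + suffix;
    return 0;
}

/* Hardened caller: a failed init is returned to the caller, so the decoder
 * never runs on a context that was not set up. */
int parse_first_ue(const uint8_t *data, size_t size, uint32_t *out) {
    BitReader br;
    int ret = br_init(&br, data, size);
    if (ret < 0)
        return ret;   /* the check the description says was missing */
    return br_ue_golomb(&br, out);
}
```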

Exploit

Fix

NULL Pointer Dereference


Weakness Enumeration

Related Identifiers

ALT-PU-2017-1150
CVE-2017-1000460
DLA-1740-1

Affected Products

Alt Linux
Chromium
Ffmpeg
Libav