Nick Galloway

**Name of the Vulnerable Software and Affected Versions** dav1d versions prior to 1.4.0 libdav1d-sys versions prior to 0.7.0 CoreMedia and WebRTC in Apple devices (affected versions not specified) **Description** The issue is related to an integer overflow in the dav1d AV1 decoder that can occur when decoding videos with large frame sizes, leading to memory corruption within the AV1 decoder. This can allow a remote attacker to execute arbitrary code on affected devices. The vulnerability affects various Apple devices, including those running iOS, iPadOS, visionOS, and macOS, as well as the Safari browser and Fedora. **Recommendations** For dav1d versions prior to 1.4.0, upgrade past version 1.4.0. For libdav1d-sys versions prior to 0.7.0, upgrade to version 0.7.0, which includes dav1d 1.4.0. For CoreMedia and WebRTC in Apple devices, apply the latest security updates released by Apple to address the vulnerability. As a temporary workaround, consider restricting the use of the dav1d AV1 decoder until a patch is available.