PT-2017-13000 · Videolan+1 · X265+1

Published

2017-08-24

Updated

2018-06-25

CVE-2017-13666

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions x265 versions prior to 2.5

Description An integer underflow issue exists in the x86 assembly code for the planeClipAndMax() function in pixel-a.asm. This can be triggered by a small height value, leading to an integer underflow that causes a crash.

Recommendations For versions prior to 2.5, update to version 2.5 or later to resolve the issue.

Exploit

Fix

Integer Underflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-191

Related Identifiers

ALT-PU-2018-1928

CVE-2017-13666

Affected Products

Alt Linux

X265

PT-2017-13000 · Videolan+1 · X265+1

CVE-2017-13666

Weakness Enumeration

Related Identifiers

Affected Products

References · 6