CVE-2020-18776

Name of the Vulnerable Software and Affected Versions: Libav version 12.3

Description: The issue is related to a segmentation fault in the vc1 decode b mb intfr function in vc1 block.c, which can be triggered by an attacker using a crafted file, resulting in a denial-of-service.

Recommendations: For Libav version 12.3, consider disabling the vc1 decode b mb intfr function as a temporary workaround until a patch is available. Restrict access to crafted files to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.