PT-2021-7903 · Aom+3 · Aom+3

Published

2021-12-02

Updated

2024-01-31

CVE-2020-36133

CVSS v2.0

9.3

High

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions AOM version 2.0.1

Description The issue is related to a global buffer overflow in the av1/encoder/partition search.h component of the AOM library, which implements the AV1 codec. This overflow can be exploited by a remote attacker to execute arbitrary code.

Recommendations For AOM version 2.0.1, consider disabling the partition search.h component until a patch is available to prevent potential exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-120

Related Identifiers

BDU:2023-05290

CVE-2020-36133

DLA-3556-1

DSA-5490-1

MGASA-2022-0040

USN-6447-1

Affected Products

Aom

Astra Linux

Linuxmint

Ubuntu

PT-2021-7903 · Aom+3 · Aom+3

CVE-2020-36133

Weakness Enumeration

Related Identifiers

Affected Products

References · 37