CVE-2023-32570

CVSS v3.1

5.9

Medium

Vector

AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions VideoLAN dav1d versions prior to 1.2.0

Description The issue is related to a thread task.c race condition that can lead to an application crash. This condition is associated with the dav1d decode frame exit function.

Recommendations For versions prior to 1.2.0, update to version 1.2.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the dav1d decode frame exit function until a patch is available.

Fix

Race Condition

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-362

Related Identifiers

ALT-PU-2023-1906

ALT-PU-2024-2955

ALT-PU-2024-4636

CVE-2023-32570

ECHO-CA6C-4314-8DC3

OPENSUSE-SU-2024:13730-1

ROSA-SA-2024-2376

SUSE-SU-2023:2618-1

SUSE-SU-2023_2618-1

Affected Products

Alt Linux

Debian

Suse

Dav1D

CVE-2023-32570

Weakness Enumeration

Related Identifiers

Affected Products

References · 21