PT-2024-5217 · Libvpx+7 · Libvpx+7

Published

2023-10-02

Updated

2025-07-22

CVE-2023-6349

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: libvpx versions prior to 1.13.1

Description: A heap overflow issue exists in libvpx when encoding a frame with larger dimensions than the originally configured size using VP9, potentially resulting in a heap overflow.

Recommendations: For versions prior to 1.13.1, we recommend upgrading to version 1.13.1 or above.

Exploit

Fix

DoS

Memory Corruption

Heap Based Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787CWE-122

Related Identifiers

ALSA-2024:5941

BDU:2024-05778

CESA-2024_5941

CVE-2023-6349

INFSA-2024_5941

OPENSUSE-SU-2024_2409-1

RHSA-2024:5941

RHSA-2024_5941

RLSA-2024:5941

SUSE-SU-2024:2408-1

SUSE-SU-2024:2409-1

SUSE-SU-2024_2408-1

USN-6403-1

USN-6403-2

USN-6403-3

Affected Products

Almalinux

Astra Linux

Centos

Red Hat

Red Os

Rocky Linux

Suse

Libvpx

PT-2024-5217 · Libvpx+7 · Libvpx+7

CVE-2023-6349

Weakness Enumeration

Related Identifiers

Affected Products

References · 46