CVE-2023-44488

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Sep 30, 2023

Updated: Nov 16, 2023

CWE ID 755

Summary

CVE-2023-44488 is a vulnerability affecting libvpx versions prior to 1.13.1. This issue involves the VP9 codec, where improper handling of widths during encoding results in a crash. By exploiting this vulnerability, an attacker could potentially gain unintended control over an affected system, leading to potential security risks and denial-of-service attacks. It is recommended that users upgrade to the latest version of libvpx to mitigate this issue.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Red Hat Enterprise Linux
Debian
Fedora Operating System

Affected Vendors

Debian
Red Hat
Fedora Project
WebM Project

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/s2ERAJ
https://www.cve.org/CVERecord?id=CVE-2023-44488
https://nvd.nist.gov/vuln/detail/CVE-2023-44488

Back to Vulnerability Database