CVE-2023-39616

AOMedia v3.0.0 to v3.5.0 was discovered to contain an invalid read memory access via the component assign_frame_buffer_p in av1/common/av1_common_int.h.

CVSS v3 7.5 HIGH

7.5^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://bugs.chromium.org/p/aomedia/issues/detail?id=3372#c3	Issue Tracking Patch

Configurations

Configuration 1 (hide)

cpe:2.3:a:aomedia:aomedia:*:*:*:*:*:*:*:*

History

31 Aug 2023, 20:23

Type	Values Removed	Values Added
CPE		cpe:2.3:a:aomedia:aomedia::::::::
References	~~(MISC) https://bugs.chromium.org/p/aomedia/issues/detail?id=3372#c3 -~~	(MISC) https://bugs.chromium.org/p/aomedia/issues/detail?id=3372#c3 - Issue Tracking, Patch
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 7.5
CWE		CWE-119
First Time		Aomedia Aomedia aomedia

29 Aug 2023, 17:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2023-08-29 17:15

Updated : 2023-12-10 15:14

NVD link : CVE-2023-39616

Mitre link : CVE-2023-39616

CVE.ORG link : CVE-2023-39616

JSON object : View

Products Affected

aomedia

aomedia

CWE

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

7.5 /10