There exists interger overflows in libvpx in versions prior to 1.14.1. Calling vpx_img_alloc() with a large value of the d_w, d_h, or align parameter may result in integer overflows in the calculations of buffer sizes and offsets and some fields of the returned vpx_image_t struct may be invalid. Calling vpx_img_wrap() with a large value of the d_w, d_h, or stride_align parameter may result in integer overflows in the calculations of buffer sizes and offsets and some fields of the returned vpx_image_t struct may be invalid. We recommend upgrading to version 1.14.1 or beyond

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:9827 advisory.

    The libvpx packages provide the VP8 SDK, which allows the encoding and decoding of the VP8 video codec,     commonly used with the WebM multimedia container file format.

    Security Fix(es):

    * libvpx: Integer overflow in vpx_img_alloc() (CVE-2024-5197)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-9827 advisory.

    [1.9.0-8]
    - Add patch to fix integer overflows.
    - Disable LTO to fix build
    - Resolves: RHEL-58144

Tenable has extracted the preceding description block directly from the Oracle Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:5941 advisory.

    * libvpx: Heap buffer overflow related to VP9 encoding (CVE-2023-6349)

    * libvpx: Integer overflow in vpx_img_alloc() (CVE-2024-5197)

Tenable has extracted the preceding description block directly from the Rocky Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:5941 advisory.

    * libvpx: Heap buffer overflow related to VP9 encoding (CVE-2023-6349)
    * libvpx: Integer overflow in vpx_img_alloc() (CVE-2024-5197)

Tenable has extracted the preceding description block directly from the AlmaLinux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-5941 advisory.

    [1.7.0-11]
    - Add patch to fix integer overflows.
    - Fix compilation by including limits.h
    - Resolves: RHEL-40650

Tenable has extracted the preceding description block directly from the Oracle Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:5941 advisory.

    The libvpx packages provide the VP8 SDK, which allows the encoding and decoding of the VP8 video codec,     commonly used with the WebM multimedia container file format.

    Security Fix(es):

    * libvpx: Heap buffer overflow related to VP9 encoding (CVE-2023-6349)

    * libvpx: Integer overflow in vpx_img_alloc() (CVE-2024-5197)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of firefox installed on the remote host is prior to 115.13.0-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2FIREFOX-2024-028 advisory.

    There exists interger overflows in libvpx in versions prior to 1.14.1. Calling vpx_img_alloc() with a     large value of the d_w, d_h, or align parameter may result in integer overflows in the calculations of     buffer sizes and offsets and some fields of the returned vpx_image_t struct may be invalid. Calling     vpx_img_wrap() with a large value of the d_w, d_h, or stride_align parameter may result in integer     overflows in the calculations of buffer sizes and offsets and some fields of the returned vpx_image_t     struct may be invalid. We recommend upgrading to version 1.14.1 or beyond (CVE-2024-5197)

Tenable has extracted the preceding description block directly from the tested product security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2409-1 advisory.

    - CVE-2024-5197: Fixed interger overflow when calling vpx_img_alloc() or vpx_img_wrap() with large     parameters (bsc#1225879).
    - CVE-2023-6349: Fixed heap overflow when encoding a frame that has larger dimensions than the originally     configured size (bsc#1225403).
    - CVE-2023-44488: Fixed heap buffer overflow in vp8 encoding (bsc#1216879).

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2408-1 advisory.

    - CVE-2024-5197: Fixed interger overflow when calling vpx_img_alloc() or vpx_img_wrap() with large     parameters (bsc#1225879).
    - CVE-2023-6349: Fixed heap overflow when encoding a frame that has larger dimensions than the originally     configured size (bsc#1225403).

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Debian 11 / 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5722 advisory.

    - -------------------------------------------------------------------------     Debian Security Advisory DSA-5722-1                   security@debian.org     https://www.debian.org/security/                       Moritz Muehlenhoff     June 26, 2024                         https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package        : libvpx     CVE ID         : CVE-2024-5197

    It was discovered that multiple integer overflows in libvpx, a     multimedia library for the VP8 and VP9 video codecs, may result in     denial of service and potentially the execution of arbitrary code.

    For the oldstable distribution (bullseye), this problem has been fixed     in version 1.9.0-1+deb11u3.

    For the stable distribution (bookworm), this problem has been fixed in     version 1.12.0-1+deb12u3.

    We recommend that you upgrade your libvpx packages.

    For the detailed security status of libvpx please refer to     its security tracker page at:
    https://security-tracker.debian.org/tracker/libvpx

    Further information about Debian Security Advisories, how to apply     these updates to your system and frequently asked questions can be     found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org

Tenable has extracted the preceding description block directly from the Debian security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3830 advisory.

    - -------------------------------------------------------------------------     Debian LTS Advisory DLA-3830-1                debian-lts@lists.debian.org     https://www.debian.org/lts/security/                          Adrian Bunk     June 16, 2024                                 https://wiki.debian.org/LTS
    - -------------------------------------------------------------------------

    Package        : libvpx     Version        : 1.7.0-3+deb10u3     CVE ID         : CVE-2024-5197

    Integer overflows have been fixed in libvpx, a library for decoding and     encoding VP8 and VP9 videos.

    For Debian 10 buster, this problem has been fixed in version     1.7.0-3+deb10u3.

    We recommend that you upgrade your libvpx packages.

    For the detailed security status of libvpx please refer to     its security tracker page at:
    https://security-tracker.debian.org/tracker/libvpx

    Further information about Debian LTS security advisories, how to apply     these updates to your system and frequently asked questions can be     found at: https://wiki.debian.org/LTS

Tenable has extracted the preceding description block directly from the Debian security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6814-1 advisory.

    Xiantong Hou discovered that libvpx did not properly handle certain malformed media files. If an     application using libvpx opened a specially crafted file, a remote attacker could cause a denial of     service, or possibly execute arbitrary code.

Tenable has extracted the preceding description block directly from the Ubuntu security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Severity
211767	RHEL 9 : libvpx (RHSA-2024:9827)	Nessus	Red Hat Local Security Checks	medium
211618	Oracle Linux 9 : libvpx (ELSA-2024-9827)	Nessus	Oracle Linux Local Security Checks	medium
207310	Rocky Linux 8 : libvpx (RLSA-2024:5941)	Nessus	Rocky Linux Local Security Checks	medium
206323	AlmaLinux 8 : libvpx (ALSA-2024:5941)	Nessus	Alma Linux Local Security Checks	medium
206313	Oracle Linux 8 : libvpx (ELSA-2024-5941)	Nessus	Oracle Linux Local Security Checks	medium
206278	RHEL 8 : libvpx (RHSA-2024:5941)	Nessus	Red Hat Local Security Checks	medium
206070	Amazon Linux 2 : firefox (ALASFIREFOX-2024-028)	Nessus	Amazon Linux Local Security Checks	medium
202250	SUSE SLED15 / SLES15 / openSUSE 15 Security Update : libvpx (SUSE-SU-2024:2409-1)	Nessus	SuSE Local Security Checks	high
202248	SUSE SLED15 / SLES15 Security Update : libvpx (SUSE-SU-2024:2408-1)	Nessus	SuSE Local Security Checks	high
201050	Debian dsa-5722 : libvpx-dev - security update	Nessus	Debian Local Security Checks	high
200647	Debian dla-3830 : libvpx-dev - security update	Nessus	Debian Local Security Checks	high
200175	Ubuntu 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS : libvpx vulnerability (USN-6814-1)	Nessus	Ubuntu Local Security Checks	high

Detections

Analytics

CVE-2024-5197

medium

Tenable Plugins

medium

medium

medium

medium

medium

medium

medium

high

high

high

high

high