A critical vulnerability, identified as CVE-2024-5171, has been discovered in libaom, a popular open-source video codec library. This vulnerability, with a CVSS score of 10 (the highest severity rating), allows attackers to exploit a heap buffer overflow, potentially leading to remote code execution and unauthorized access to affected systems.
The root cause of the vulnerability lies in an integer overflow within libaom’s internal function img_alloc_helper. This function, used to allocate image buffers, can be reached through three different callers (aom_img_alloc(), aom_img_wrap(), and aom_img_alloc_with_border()). By manipulating parameters related to image dimensions and alignment, an attacker can trigger the integer overflow, causing the allocated buffer to be smaller than expected. This mismatch allows attackers to overwrite adjacent memory regions, leading to arbitrary code execution.
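As an added illustration of this bug class (not libaom's code), the C program below models a simplified image-buffer size computation: a naive version whose 32-bit arithmetic wraps on large dimensions, next to a checked version that validates alignment, tests every multiply and add before performing it, and rejects the request instead of returning an undersized byte count. The function names, the 1 GiB upper bound and the sample dimensions are assumptions.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical, simplified image-size computation (not libaom's code).
 * It models the bug class described above: width, bytes-per-pixel,
 * alignment and height multiplied in a fixed-width type can wrap, so the
 * buffer that gets allocated is smaller than the one later written to. */
#define MAX_IMG_BYTES ((size_t)1 << 30)   /* assumed sane upper bound, 1 GiB */

/* Naive version: 32-bit unsigned arithmetic, wraps silently modulo 2^32. */
static uint32_t img_size_naive(uint32_t w, uint32_t h, uint32_t bpp, uint32_t align)
{
    uint32_t stride = (w * bpp + align - 1) & ~(align - 1);
    return stride * h;                /* 65536 * 65537 wraps to 65536 */
}

/* Hardened version: validate inputs, test every multiply and add before
 * performing it, and cap the result. Returns false instead of a wrapped size. */
static bool img_size_checked(uint32_t w, uint32_t h, uint32_t bpp,
                             uint32_t align, size_t *out)
{
    size_t row, stride, total;
    if (w == 0 || h == 0 || bpp == 0 || align == 0 || (align & (align - 1)))
        return false;                 /* align must be a non-zero power of two */
    if ((size_t)w > SIZE_MAX / bpp) return false;
    row = (size_t)w * bpp;
    if (row > SIZE_MAX - (align - 1)) return false;
    stride = (row + align - 1) & ~((size_t)align - 1);
    if (stride > SIZE_MAX / h) return false;
    total = stride * h;
    if (total > MAX_IMG_BYTES) return false;
    *out = total;
    return true;
}

/* Convenience wrapper: byte count, or 0 when the request must be rejected. */
static size_t img_size_or_zero(uint32_t w, uint32_t h, uint32_t bpp, uint32_t align)
{
    size_t n = 0;
    return img_size_checked(w, h, bpp, align, &n) ? n : 0;
}
int main(void)
{   /* Constructed inputs: a normal 1920x1080 frame and a wrapping one. */
    printf("1920x1080   naive=%u checked=%zu\n",
           (unsigned)img_size_naive(1920, 1080, 1, 32), img_size_or_zero(1920, 1080, 1, 32));
    printf("65536x65537 naive=%u checked=%zu (0 = rejected)\n",
           (unsigned)img_size_naive(65536, 65537, 1, 16), img_size_or_zero(65536, 65537, 1, 16));
    return 0;
}
```

The same discipline applies at every allocation site reachable from untrusted dimensions: compute sizes in size_t with explicit overflow checks and refuse the allocation rather than trusting the wrapped value.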
The vulnerability is not limited to libaom. A similar issue, tracked as CVE-2024-5197 (CVSS 5.9), has also been found in libvpx, another widely used video codec library closely related to libaom. Both vulnerabilities share the same root cause and exploit mechanism.
Technical details and a proof-of-concept exploit have been published, highlighting the severity of these vulnerabilities. The availability of this information increases the urgency for users to apply the patches, as it provides attackers with the necessary details to craft exploits.
The impact of CVE-2024-5171 and CVE-2024-5197 is significant due to the widespread use of libaom and libvpx in various applications, including web browsers, video conferencing tools, and media players. An exploited vulnerability could lead to remote code execution, data leakage, and full system compromise.
The good news is that patches are available. Users are strongly urged to update to libaom v3.9.0 and libvpx v1.14.1, which contain fixes for these vulnerabilities. It is crucial to apply these updates promptly to protect systems from potential attacks.