An integer underflow vulnerability exists in pixel-a.asm, the x86 assembly code for planeClipAndMax() in MulticoreWare x265 through 2.4, as used by the x265_encoder_encode dependency in libbpg and other products. A small picture can cause an integer underflow, which leads to a Denial of Service in the process of encoding.
References
Link | Resource |
---|---|
https://bitbucket.org/multicoreware/x265/issues/345/integer-underflow-in-x265-source-common | Exploit Issue Tracking Patch Third Party Advisory |
Configurations
Information
Published : 2017-05-11 13:29
Updated : 2020-09-02 12:12
NVD link : CVE-2017-8906
Mitre link : CVE-2017-8906
JSON object : View
CWE
CWE-191
Integer Underflow (Wrap or Wraparound)
Products Affected
multicorewareinc
- x265_high_efficiency_video_coding