Maybe this just isn’t practical, due to the scope of what it is designed to stream, but this has bitten me in the recent past.Īs a part of my work, I sometimes need to stream video (H.264 wrapped in RTP transmitted over UDP) from an embedded device I’m working on to an attached Linux PC. VLC doesn’t appear to test every feature for every release. Multimedia applications and services relying on FFmpeg, which uses libvpx, are also at risk. This includes WebRTC platforms, streaming services using VP8 or VP9 formats, and even mobile apps. Affected by this issue are various applications and services that employ the libvpx library for VP8 and VP9 video encoding and decoding. The exploit for this vulnerability is known to exist in the wild, raising immediate concerns. This vulnerability allows for arbitrary code execution, enabling an attacker to run malicious software on a targeted system. The issue is registered as CVE-2023-5217. Google’s Threat Analysis Group, led by Clément Lecigne, has discovered a high-severity heap buffer overflow vulnerability in the libvpx library, specifically in its VP8 encoding component. WebM) which was part of the recent Critical fixes made to every web browser, some OS’ and numerous products. Of particular importance, VLC 3.0.19 (released early just 3 weeks prior) updated the libvpx library (aka.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |