Integer overflow in the padding implementation in the opus_packet_parse_impl function in src/opus_decoder.c in Opus before 1.0.2, as used in Google Chrome before 25.0.1364.97 on Windows and Linux and before 25.0.1364.99 on Mac OS X and other products, allows remote attackers to cause a denial of service (out-of-bounds read) via a long packet.
2013-02-23T21:55:02.000
2025-04-11T00:51:21.963
Deferred
CVSSv2: 5.0 (MEDIUM)
AV:N/AC:L/Au:N/C:N/I:N/A:P
10.0
2.9
Type | Vendor | Product | Version/Range | Vulnerable? |
---|---|---|---|---|
Application | opus-codec | opus | < 1.0.2 | Yes |
Application | chrome | - | No | |
Application | chrome | < 25.0.1364.97 | Yes | |
Operating System | linux | linux_kernel | - | No |
Operating System | microsoft | windows | - | No |
Application | chrome | < 25.0.1364.99 | Yes | |
Operating System | apple | ipados | - | No |
Operating System | apple | iphone_os | - | No |
Operating System | apple | mac_os_x | - | No |
Operating System | apple | macos | - | No |
Operating System | opensuse | opensuse | 12.1 | Yes |
Operating System | opensuse | opensuse | 12.2 | Yes |