CVE-2017-8906

Published: May 11, 2017

Modified: Sep 16, 2024

PUBLISHED

Description

An integer underflow vulnerability exists in pixel-a.asm, the x86 assembly code for planeClipAndMax() in MulticoreWare x265 through 2.4, as used by the x265_encoder_encode dependency in libbpg and other products. A small picture can cause an integer underflow, which leads to a Denial of Service in the process of encoding.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://bitbucket.org/multicoreware/x265/issues/345/integer-underflow-in-x265-source-common

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2017-8906

Description

Affected Products

References