In libwebm through 2018-10-03, there is an abort caused by libwebm::Webm2Pes::InitWebmParser() that will lead to a DoS attack.
The code contains a control flow path that does not reflect the algorithm that the path is intended to implement, leading to incorrect behavior any time this path is navigated.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Libwebm | Webmproject | * | 1.0.0.27 (including) |
Android | Ubuntu | trusty | * |
Android | Ubuntu | xenial | * |
Chromium-browser | Ubuntu | trusty | * |
Chromium-browser | Ubuntu | upstream | * |
Libvpx | Ubuntu | cosmic | * |
Libvpx | Ubuntu | trusty | * |
Oxide-qt | Ubuntu | trusty | * |
Oxide-qt | Ubuntu | xenial | * |
Sludge | Ubuntu | bionic | * |
Sludge | Ubuntu | cosmic | * |
Sludge | Ubuntu | disco | * |
Sludge | Ubuntu | eoan | * |
Sludge | Ubuntu | groovy | * |
Sludge | Ubuntu | hirsute | * |
Sludge | Ubuntu | impish | * |
Sludge | Ubuntu | kinetic | * |
Sludge | Ubuntu | lunar | * |
Sludge | Ubuntu | mantic | * |
Sludge | Ubuntu | trusty | * |
Sludge | Ubuntu | xenial | * |