The update_dimensions function in libavcodec/vp8.c in FFmpeg through 2.8.1, as used in Google Chrome before 46.0.2490.71 and other products, relies on a coefficient-partition count during multi-threaded operation, which allows remote attackers to cause a denial of service (race condition and memory corruption) or possibly have unspecified other impact via a crafted WebM file.
Metrics
Affected Vendors & Products
Advisories
Source | ID | Title |
---|---|---|
![]() |
DLA-1611-1 | libav security update |
![]() |
DSA-3376-1 | chromium-browser security update |
![]() |
EUVD-2015-6698 | The update_dimensions function in libavcodec/vp8.c in FFmpeg through 2.8.1, as used in Google Chrome before 46.0.2490.71 and other products, relies on a coefficient-partition count during multi-threaded operation, which allows remote attackers to cause a denial of service (race condition and memory corruption) or possibly have unspecified other impact via a crafted WebM file. |
![]() |
USN-2770-1 | Oxide vulnerabilities |
![]() |
USN-2770-2 | Oxide vulnerabilities |
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
No history.

Status: PUBLISHED
Assigner: Chrome
Published:
Updated: 2024-08-06T07:29:24.808Z
Reserved: 2015-08-31T00:00:00
Link: CVE-2015-6761

No data.

Status : Deferred
Published: 2015-10-15T10:59:06.920
Modified: 2025-04-12T10:46:40.837
Link: CVE-2015-6761


No data.