CVE-2024-56431
Published: December 26, 2024Last modified: June 24, 2025
Description
oc_huff_tree_unpack in huffdec.c in libtheora in Theora through 1.0 7180717 has an invalid negative left shift.
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score | 9.8 |
| Attack Vector | NETWORK |
| Attack complexity | LOW |
| Privileges required | NONE |
| User interaction | NONE |
| Scope | UNCHANGED |
| Confidentiality | HIGH |
| Integrity impact | HIGH |
| Availability impact | HIGH |
| Vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Notes
Possibly not affected, as this CVE is disputed: https://www.openwall.com/lists/oss-security/2025/04/25/6 Fixed in 1.2.0 https://gitlab.xiph.org/xiph/theora/-/commit/5665f86b8fd8345bb09469990e79221562ac204b
Status
| Product | Release | Package | Status |
|---|---|---|---|
| Alpaquita Linux | 23 LTS | libtheora | Unknown (1.1.1-r16) |
| Stream | libtheora | Unknown (1.1.1-r16) |
References
- http://www.openwall.com/lists/oss-security/2025/04/25/4
- http://www.openwall.com/lists/oss-security/2025/04/25/6
- https://github.com/UnionTech-Software/libtheora-CVE-2024-56431-PoC
- https://github.com/xiph/theora/blob/7180717276af1ebc7da15c83162d6c5d6203aabf/lib/huffdec.c#L193
- https://github.com/xiph/theora/issues/17#issuecomment-2480630603
- https://www.openwall.com/lists/oss-security/2025/04/25/6