Home[1] Files[2] News[3] &[SERVICES_TAB] Contact[4] Add New[5]
- Google Pixel MFC H264 Processing Memory Corruption[6]
- Authored by Google Security Research[7], natashenka[8]
-
There is a memory corruption issue in the MFC media processing core on the Pixel 7. It occurs when decoding a malformed H264 stream in Chrome, likely to due to an out of bounds quantization parameter. A write to plane 0 that occurs during macroblock decoding extends past the allocated bounds of the plane, and can overwrite the motion vector (MV) buffer or cause a crash if the adjacent address is unmapped. Both of these allocations are DMA buffers and it is unclear whether this condition is exploitable.
- advisories | CVE-2024-27228[9]
- SHA-256 |
03533e71b8963179a0ae3ad68550b9e5e705a79dd75292d232b287f1c47b89f6
- Download[10] | Favorite[11] | View[12]
File Tags
- ActiveX[18] (933)
- Advisory[19] (84,704)
- Arbitrary[20] (16,634)
- BBS[21] (2,859)
- Bypass[22] (1,826)
- CGI[23] (1,032)
- Code Execution[24] (7,628)
- Conference[25] (688)
- Cracker[26] (844)
- CSRF[27] (3,373)
- DoS[28] (24,511)
- Encryption[29] (2,383)
- Exploit[30] (52,752)
- File Inclusion[31] (4,251)
- File Upload[32] (984)
- Firewall[33] (822)
- Info Disclosure[34] (2,844)
- Intrusion Detection[35] (906)
- Java[36] (3,118)
- JavaScript[37] (889)
- Kernel[38] (6,998)
- Local[39] (14,705)
- Magazine[40] (586)
- Overflow[41] (13,033)
- Perl[42] (1,430)
- PHP[43] (5,187)
- Proof of Concept[44] (2,367)
- Protocol[45] (3,694)
- Python[46] (1,599)
- Remote[47] (31,381)
- Root[48] (3,617)
- Rootkit[49] (521)
- Ruby[50] (619)
- Scanner[51] (1,650)
- Security Tool[52] (7,974)
- Shell[53] (3,246)
- Shellcode[54] (1,217)
- Sniffer[55] (900)
- Spoof[56] (2,257)
- SQL Injection[57] (16,520)
- TCP[58] (2,423)
- Trojan[59] (688)
- UDP[60] (897)
- Virus[61] (668)
- Vulnerability[62] (32,560)
- Web[63] (9,863)
- Whitepaper[64] (3,772)
- x86[65] (967)
- XSS[66] (18,156)
- Other[67]
File Archives
- April 2024[68]
- March 2024[69]
- February 2024[70]
- January 2024[71]
- December 2023[72]
- November 2023[73]
- October 2023[74]
- September 2023[75]
- August 2023[76]
- July 2023[77]
- June 2023[78]
- May 2023[79]
- Older[80]
Systems
- AIX[81] (429)
- Apple[82] (2,078)
- BSD[83] (376)
- CentOS[84] (58)
- Cisco[85] (1,927)
- Debian[86] (7,001)
- Fedora[87] (1,693)
- FreeBSD[88] (1,246)
- Gentoo[89] (4,467)
- HPUX[90] (880)
- iOS[91] (373)
- iPhone[92] (108)
- IRIX[93] (220)
- Juniper[94] (69)
- Linux[95] (49,103)
- Mac OS X[96] (691)
- Mandriva[97] (3,105)
- NetBSD[98] (256)
- OpenBSD[99] (488)
- RedHat[100] (15,421)
- Slackware[101] (941)
- Solaris[102] (1,611)
- SUSE[103] (1,444)
- Ubuntu[104] (9,411)
- UNIX[105] (9,384)
- UnixWare[106] (187)
- Windows[107] (6,645)
- Other[108]
- Services
- Security Services[119]
- Hosting By
- Rokasec[120]