OpenH264 Heap Overflow Vulnerability in Decoding Functions Allowing Remote Code Execution

Vulnerability

A heap overflow vulnerability has been identified in the OpenH264 codec library, specifically in versions through 2.5.0. This vulnerability arises from a race condition between the allocation of Sequence Parameter Set (SPS) memory and the subsequent use of non-Instantaneous Decoder Refresh (non-IDR) Network Abstraction Layer (NAL) units. A remote, unauthenticated attacker could exploit this vulnerability by crafting a malicious bitstream and tricking a victim into processing a video that contains it. This could lead to an unexpected crash in the victim's decoding client and potentially allow the attacker to execute arbitrary commands on the victim's host by exploiting the heap overflow.

Impact

Exploitation of this vulnerability could cause a crash in the user's decoding client and, due to the heap overflow, potentially allow for arbitrary code execution on the victim's host.

Remediation

Users are advised to upgrade to OpenH264 version 2.6.0 or later, where this vulnerability has been fixed. Instructions for downloading the latest version can be found in the OpenH264 GitHub repository.
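One way to inventory installed copies against the fixed release named above, as an added example that is not part of the advisory or the OpenH264 project. The file-naming patterns and default search roots are assumptions, and the version is read from the file name only.

```python
import os
import re
import sys

FIXED = (2, 6, 0)  # first fixed release named in the advisory

# Assumed file-naming conventions (not taken from the advisory):
#   libopenh264.so.2.5.0                      distribution packages
#   libopenh264-2.5.0-linux64.7.so            prebuilt release binaries
#   gmp-gmpopenh264/2.5.0/libgmpopenh264.so   browser media-plugin folders
PATTERNS = [
    re.compile(r"libopenh264\.so\.(\d+(?:\.\d+){1,3})$"),
    re.compile(r"openh264-(\d+(?:\.\d+){1,3})-"),
    re.compile(r"gmp-gmpopenh264[/\\](\d+(?:\.\d+){1,3})[/\\]"),
]

def parse_version(path):
    """Return the version embedded in a library path as a tuple, or None."""
    for pattern in PATTERNS:
        match = pattern.search(path)
        if match:
            parts = [int(p) for p in match.group(1).split(".")]
            return tuple(parts + [0] * (3 - len(parts)))
    return None

def classify(path):
    """'vulnerable' for versions through 2.5.0, 'fixed' for 2.6.0 or later."""
    version = parse_version(path)
    if version is None:
        return "unknown"  # e.g. a bare soname; needs manual review
    return "fixed" if version >= FIXED else "vulnerable"

def scan(roots):
    """Walk the given directories and classify every OpenH264 library found."""
    results = {}
    for root in roots:
        for dirpath, _dirs, files in os.walk(root):
            for name in files:
                if "openh264" in name.lower():
                    # Resolve symlinks such as libopenh264.so.7 to the real file.
                    real = os.path.realpath(os.path.join(dirpath, name))
                    results[real] = classify(real)
    return sorted(results.items())

if __name__ == "__main__":
    roots = sys.argv[1:] or ["/usr/lib", "/usr/lib64", "/usr/local/lib"]  # assumed defaults
    findings = scan(roots)
    for path, status in findings:
        print(f"{status:10} {path}")
    sys.exit(1 if any(s == "vulnerable" for _, s in findings) else 0)
```

Copies that are statically linked or bundled inside an application under another file name will not be found by this scan and have to be checked through the vendor's own update.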

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread: 7.8
impact: 5.0
exploitability: 4.2
remediation: 7.7
relevance: 0.0
threat: 0.1
urgency: 2.9
incentive: 0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.