Dolby UDC Out-of-Bounds Write Vulnerability in DD+ Decoder Process
Vulnerability
An out-of-bounds write vulnerability has been identified in Dolby UDC versions 4.5 through 4.13. It is triggered when the DD+ decoder processes a malformed, manually edited bitstream, and it leads to a crash of the decoder process. The flaw is in the 'evo_priv.c' component, where the length calculation for writing data can overflow, causing the allocated buffer to be too small. The out-of-bounds check on the subsequent write then becomes ineffective, which allows the out-of-bounds write.
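The bug class described above, as an added illustration in C (not Dolby's code and not a reconstruction of 'evo_priv.c'): a size derived from bitstream fields wraps in 32-bit arithmetic, and the hardened helpers reject the wrap and bound every write by the buffer's real capacity. The header size, function names and field values are assumptions constructed for the example.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define HDR_LEN 8u /* hypothetical fixed header size */

/* Flawed pattern: 32-bit arithmetic wraps silently, so the "needed" size can
 * come out far smaller than the data the fields actually describe. */
uint32_t needed_len_unchecked(uint32_t count, uint32_t chunk_len) {
    return (uint32_t)(HDR_LEN + count * chunk_len);
}

/* Hardened: reject any field combination whose true size exceeds UINT32_MAX. */
bool needed_len_checked(uint32_t count, uint32_t chunk_len, uint32_t *out) {
    if (chunk_len != 0 && count > (UINT32_MAX - HDR_LEN) / chunk_len)
        return false;
    *out = HDR_LEN + count * chunk_len;
    return true;
}

/* Bounds-checked write against the buffer's real capacity. The comparison is
 * arranged as n > cap - off so the check itself cannot wrap. */
bool buf_write(uint8_t *buf, size_t cap, size_t off,
               const uint8_t *src, size_t n) {
    if (off > cap || n > cap - off)
        return false;
    memcpy(buf + off, src, n);
    return true;
}

int main(void) {
    uint32_t len = 0;
    /* Constructed field values: 0x10000 * 0x10000 wraps to 0 in 32 bits. */
    printf("unchecked: %u bytes\n",
           (unsigned)needed_len_unchecked(0x10000u, 0x10000u));
    printf("checked accepts: %d\n",
           needed_len_checked(0x10000u, 0x10000u, &len));

    uint8_t buf[16] = {0};
    const uint8_t chunk[8] = {1, 2, 3, 4, 5, 6, 7, 8};
    printf("write in range: %d\n", buf_write(buf, sizeof buf, 8, chunk, 8));
    printf("write past end: %d\n", buf_write(buf, sizeof buf, 12, chunk, 8));
    return 0;
}
```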
Impact
Exploitation of this vulnerability can lead to a crash or restart of the media player. However, according to Dolby, there is a potential for code execution, particularly on Google Pixel devices, if this vulnerability is exploited in conjunction with other known Pixel vulnerabilities.
Remediation
Dolby advises OEMs and component providers with products that incorporate DD+ to contact their Dolby representative for the latest Dolby Digital Plus deliverables. Consumers should keep their devices up to date and enable automatic updates when supported. For specific device inquiries, consumers should reach out to the original device manufacturer.
