CVE-2026-56210
Libaom: libaom: heap-buffer-overflow read via missing bounds check in ctrl_set_layer_id
Description
A heap-buffer-overflow read vulnerability was found in libaom, the reference AV1 codec implementation. A missing bounds check in the SVC (Scalable Video Coding) layer ID control function allows setting a spatial_layer_id exceeding the configured number of layers. This causes an out-of-bounds heap read of approximately 40,728 bytes when computing a layer context array index. An attacker who can influence SVC encoder parameters in a network-facing service could exploit this for information disclosure (heap content leak) or denial of service (segmentation fault from hitting unmapped memory).
INFO
Published Date :
June 19, 2026, 4:28 p.m.
Last Modified :
June 19, 2026, 4:28 p.m.
Remotely Exploit :
Yes !
Source :
redhat
Affected Products
The following products are affected by CVE-2026-56210
vulnerability.
Even if cvefeed.io is aware of the exact versions of the
products
that
are
affected, the information is not represented in the table below.
CVSS Scores
| Score | Version | Severity | Vector | Exploitability Score | Impact Score | Source |
|---|---|---|---|---|---|---|
| CVSS 3.1 | HIGH | 53f830b8-0a3f-465b-8143-3b8a9948e749 | ||||
| CVSS 3.1 | HIGH | [email protected] |
Solution
- Validate SVC spatial_layer_id against configured layers.
- Update libaom to a patched version.
- Apply input validation for SVC parameters.
- Limit access to network-facing services.
We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).
Results are limited to the first 15 repositories due to potential performance issues.
The following list is the news that have been mention
CVE-2026-56210 vulnerability anywhere in the article.