UBUNTU-CVE-2026-56209

Source
https://ubuntu.com/security/CVE-2026-56209
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-56209.json
JSON Data
https://api.osv.dev/v1/vulns/UBUNTU-CVE-2026-56209
Upstream
  • CVE-2026-56209
Published
2026-06-19T17:16:00Z
Modified
2026-06-24T11:01:47.483181186Z
Severity
  • 7.1 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H CVSS Calculator
  • Ubuntu - medium
Summary
[none]
Details

An arbitrary address write vulnerability was found in libaom, the reference AV1 codec implementation. A missing bounds check in the SVC (Scalable Video Coding) layer ID control function allows an attacker to inject an arbitrary pointer into the cyclic refresh map field via crafted image pixel values. The encoder then writes approximately 1,200 bytes at the attacker-controlled address. This is fully deterministic and does not require a separate information leak. An attacker who can supply frames to a network-facing libaom encoder with SVC enabled could exploit this for denial of service or potential code execution.

References

Affected packages

Ubuntu:20.04:LTS / aom

Package

Name
aom
Purl
pkg:deb/ubuntu/aom?arch=source&distro=focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*
1.0.0-3
1.0.0.errata1-2
1.0.0.errata1-2ubuntu3
1.0.0.errata1-3
1.0.0.errata1-3build1
1.0.0.errata1-3+deb11u1build0.20.04.1
1.0.0.errata1-3+deb11u1ubuntu0.1

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "aom-tools",
            "binary_version": "1.0.0.errata1-3+deb11u1ubuntu0.1"
        },
        {
            "binary_name": "libaom0",
            "binary_version": "1.0.0.errata1-3+deb11u1ubuntu0.1"
        }
    ]
}

Database specific

source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-56209.json"

Ubuntu:22.04:LTS / aom

Package

Name
aom
Purl
pkg:deb/ubuntu/aom?arch=source&distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*
1.0.0.errata1-3build1
3.*
3.2.0-2
3.3.0-1
3.3.0-1ubuntu0.1

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "aom-tools",
            "binary_version": "3.3.0-1ubuntu0.1"
        },
        {
            "binary_name": "libaom3",
            "binary_version": "3.3.0-1ubuntu0.1"
        }
    ]
}

Database specific

source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-56209.json"

Ubuntu:24.04:LTS / aom

Package

Name
aom
Purl
pkg:deb/ubuntu/aom?arch=source&distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

3.*
3.6.1-1
3.7.0-1
3.7.1-1
3.8.1-1
3.8.2-2build1
3.8.2-2ubuntu0.1

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "aom-tools",
            "binary_version": "3.8.2-2ubuntu0.1"
        },
        {
            "binary_name": "libaom3",
            "binary_version": "3.8.2-2ubuntu0.1"
        }
    ]
}

Database specific

source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-56209.json"

Ubuntu:25.10 / aom

Package

Name
aom
Purl
pkg:deb/ubuntu/aom?arch=source&distro=questing

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

3.*
3.12.0-1
3.12.1-1

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "aom-tools",
            "binary_version": "3.12.1-1"
        },
        {
            "binary_name": "libaom3",
            "binary_version": "3.12.1-1"
        }
    ]
}

Database specific

source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-56209.json"

Ubuntu:26.04:LTS / aom

Package

Name
aom
Purl
pkg:deb/ubuntu/aom?arch=source&distro=resolute

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

3.*
3.12.1-1
3.13.1-2

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "aom-tools",
            "binary_version": "3.13.1-2"
        },
        {
            "binary_name": "libaom3",
            "binary_version": "3.13.1-2"
        }
    ]
}

Database specific

source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-56209.json"