Vulnerabilities > CVE-2017-13666 - Integer Underflow (Wrap or Wraparound) vulnerability in Multicorewareinc X265

047910
CVSS 2.1 - LOW
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
PARTIAL
local
low complexity
multicorewareinc
CWE-191

Summary

An integer underflow vulnerability exists in pixel-a.asm, the x86 assembly code for planeClipAndMax() in MulticoreWare x265 through 2.5, as used in libbpg and other products. A small height value can cause an integer underflow, which leads to a crash. This is a different vulnerability than CVE-2017-8906.

Common Weakness Enumeration (CWE)