CVE-2026-56210 HIGH

CVE-2026-56210: Libaom: libaom: heap-buffer-overflow read via missing bounds check in ctrl_set_layer_id

Vendor: Red Hat
Product: Red Hat Enterprise Linux 10
Weakness: CWE-125
Published: June 19, 2026
Last update: June 30, 2026

CVSS base score

7.1/10
Attack vector: Network
Attack complexity: Low
Privileges required: None
User interaction: Required
Confidentiality: Low
Integrity: None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H

What the vulnerability does

01 Description

A heap-buffer-overflow read vulnerability was found in libaom, the reference AV1 codec implementation. A missing bounds check in the SVC (Scalable Video Coding) layer ID control function allows setting a spatial_layer_id exceeding the configured number of layers. This causes an out-of-bounds heap read of approximately 40,728 bytes when computing a layer context array index. An attacker who can influence SVC encoder parameters in a network-facing service could exploit this for information disclosure (heap content leak) or denial of service (segmentation fault from hitting unmapped memory).
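The class of check the description says is missing, shown as an added example on a simplified model; it is not libaom source and not the vendor's patch. All struct, field and function names are hypothetical, and the row-major index layout (spatial id times temporal layer count, plus temporal id) is an assumption.

```c
#include <stdio.h>
#include <stdlib.h>

/* Simplified model of an SVC encoder's layer state. Every name here is
 * hypothetical and the index layout is assumed; this is not libaom code. */
typedef struct { int target_bandwidth; int avg_frame_size; } LayerContext;

typedef struct {
  int num_spatial_layers;   /* configured at encoder setup */
  int num_temporal_layers;
  int spatial_layer_id;     /* changed later through a control call */
  int temporal_layer_id;
  LayerContext *layer_ctx;  /* heap array: spatial * temporal entries */
} SvcState;

int svc_init(SvcState *s, int n_spatial, int n_temporal) {
  if (n_spatial < 1 || n_temporal < 1) return -1;
  s->layer_ctx = calloc((size_t)n_spatial * (size_t)n_temporal, sizeof *s->layer_ctx);
  if (!s->layer_ctx) return -1;
  s->num_spatial_layers = n_spatial; s->num_temporal_layers = n_temporal;
  s->spatial_layer_id = s->temporal_layer_id = 0;
  return 0;
}

/* Hardened setter: an id outside the configured layer counts is rejected and
 * the state is left unchanged. The flawed pattern stores the id unchecked. */
int svc_set_layer_id(SvcState *s, int spatial_id, int temporal_id) {
  if (spatial_id < 0 || spatial_id >= s->num_spatial_layers) return -1;
  if (temporal_id < 0 || temporal_id >= s->num_temporal_layers) return -1;
  s->spatial_layer_id = spatial_id; s->temporal_layer_id = temporal_id;
  return 0;
}

/* Defense in depth: re-check the computed index at the point of use. */
LayerContext *svc_current_layer(SvcState *s) {
  size_t idx = (size_t)s->spatial_layer_id * s->num_temporal_layers + s->temporal_layer_id;
  size_t count = (size_t)s->num_spatial_layers * s->num_temporal_layers;
  return idx < count ? &s->layer_ctx[idx] : NULL;
}

int main(void) {
  SvcState s;
  if (svc_init(&s, 2, 3) != 0) return 1;
  int ok = svc_set_layer_id(&s, 1, 2);   /* in range: accepted */
  int bad = svc_set_layer_id(&s, 5, 0);  /* spatial id 5 with 2 layers */
  printf("in-range=%d out-of-range=%d ctx=%p\n", ok, bad, (void *)svc_current_layer(&s));
  free(s.layer_ctx);
  return 0;
}
```

Building a harness like this with `-fsanitize=address` and removing the setter's checks is a quick way to confirm that a regression test actually reaches the out-of-range index.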

Key dates

02 Disclosure timeline

June 19, 2026: CVE published
June 30, 2026: Record updated