Debian 9899 Published by

An aom security update has been released for Debian GNU/Linux 10 LTS to address multiple security vulnerabilities, including buffer overflows, use-after-free and NULL pointer dereferences.

[SECURITY] [DLA 3556-1] aom security update

Debian LTS Advisory DLA-3556-1 Markus Koschany
September 06, 2023

Package : aom
Version : 1.0.0-3+deb10u1
CVE ID : CVE-2020-36130 CVE-2020-36131 CVE-2020-36133 CVE-2020-36135
CVE-2021-30473 CVE-2021-30474 CVE-2021-30475

Multiple security vulnerabilities have been discovered in aom, the AV1
Video Codec Library. Buffer overflows, use-after-free and NULL pointer
dereferences may cause a denial of service or other unspecified impact if a
malformed multimedia file is processed.

For Debian 10 buster, these problems have been fixed in version

We recommend that you upgrade your aom packages.

For the detailed security status of aom please refer to
its security tracker page at:

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: