Severity by source
Network delivery of a crafted file requires user interaction but no privileges; out-of-bounds write in C/C++ parser creates realistic full-impact potential.
Lifecycle Timeline
2DescriptionCVE.org
[GHSA-5gf7-wjfm-vmvm: Out-of-bounds bit clears for negative Matroska ReadOrder values]
AnalysisAI
Out-of-bounds bit clear operations in a Matroska container format parser allow processing of maliciously crafted media files containing negative ReadOrder field values to corrupt memory. The vulnerability arises when a negative integer ReadOrder value is used without adequate sign checking, causing bit-clear write operations to target memory locations outside the intended buffer boundary. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires that a target system parse or render a specially crafted Matroska file containing a negative ReadOrder field value. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | No CVSS score or vector has been assigned in the available data, so quantitative risk signals are absent. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker crafts a malicious Matroska (.mkv or .webm) file containing a block with a large negative ReadOrder value and delivers it to a target - via a web download, email attachment, or media streaming endpoint. When the vulnerable parser processes the file, it uses the negative ReadOrder value as an offset for a bit-clear operation, writing outside the intended buffer and corrupting adjacent memory. … |
| Remediation | Consult the GitHub Security Advisory GHSA-5gf7-wjfm-vmvm for the upstream fix commit or patched release version, then apply the corresponding vendor package update through Ubuntu's package manager (apt upgrade). … Detailed patch versions, workarounds, and compensating controls in full report. |
Threat intelligence, references, and detailed analysis are available after sign-in.
Same technique Buffer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today