Vigil@nce - WebRTC.org: buffer overflow via Frame Marking Extension
August 2020 by Vigil@nce
SYNTHESIS OF THE VULNERABILITY
Impacted products: Debian, Fedora, Chrome, Edge Chromium, openSUSE Leap, Opera, RHEL, SUSE Linux Enterprise Desktop, SLES, WebRTC.org.
Severity: 2/4.
Consequences: user access/rights, denial of service on service, denial of service on client.
Confidence: confirmed by the editor (5/5).
Creation date: 26/06/2020.
DESCRIPTION OF THE VULNERABILITY
An attacker can trigger a buffer overflow via Frame Marking Extension of WebRTC.org, in order to trigger a denial of service, and possibly to run code.
