VYPR
← All advisories
Medium severity5.5NVD Advisory· Published Aug 24, 2017· Updated May 13, 2026

CVE-2017-13666

CVE-2017-13666

Description

An integer underflow vulnerability exists in pixel-a.asm, the x86 assembly code for planeClipAndMax() in MulticoreWare x265 through 2.5, as used in libbpg and other products. A small height value can cause an integer underflow, which leads to a crash. This is a different vulnerability than CVE-2017-8906.

Affected products

26
  • Multicorewareinc/X26526 versions
    cpe:2.3:a:multicorewareinc:x265:0.1:*:*:*:*:*:*:*+ 25 more
    • cpe:2.3:a:multicorewareinc:x265:0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:multicorewareinc:x265:0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:multicorewareinc:x265:0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:multicorewareinc:x265:0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:multicorewareinc:x265:0.4.1:*:*:*:*:*:*:*
    • cpe:2.3:a:multicorewareinc:x265:0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:multicorewareinc:x265:0.6:*:*:*:*:*:*:*
    • cpe:2.3:a:multicorewareinc:x265:0.7:*:*:*:*:*:*:*
    • cpe:2.3:a:multicorewareinc:x265:0.8:*:*:*:*:*:*:*
    • cpe:2.3:a:multicorewareinc:x265:0.9:*:*:*:*:*:*:*
    • cpe:2.3:a:multicorewareinc:x265:1:*:*:*:*:*:*:*
    • cpe:2.3:a:multicorewareinc:x265:1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:multicorewareinc:x265:1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:multicorewareinc:x265:1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:multicorewareinc:x265:1.4:*:*:*:*:*:*:*
    • cpe:2.3:a:multicorewareinc:x265:1.5:*:*:*:*:*:*:*
    • cpe:2.3:a:multicorewareinc:x265:1.6:*:*:*:*:*:*:*
    • cpe:2.3:a:multicorewareinc:x265:1.7:*:*:*:*:*:*:*
    • cpe:2.3:a:multicorewareinc:x265:1.8:*:*:*:*:*:*:*
    • cpe:2.3:a:multicorewareinc:x265:1.9:*:*:*:*:*:*:*
    • cpe:2.3:a:multicorewareinc:x265:2.0:*:*:*:*:*:*:*
    • cpe:2.3:a:multicorewareinc:x265:2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:multicorewareinc:x265:2.2:*:*:*:*:*:*:*
    • cpe:2.3:a:multicorewareinc:x265:2.3:*:*:*:*:*:*:*
    • cpe:2.3:a:multicorewareinc:x265:2.4:*:*:*:*:*:*:*
    • cpe:2.3:a:multicorewareinc:x265:2.5:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

1

News mentions

0

No linked articles in our index yet.