CVE-2020-36134
Description
AOM v2.0.1 was discovered to contain a segmentation violation via the component aom_dsp/x86/obmc_sad_avx2.c.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
AOM v2.0.1 suffers from a segmentation violation in aom_dsp/x86/obmc_sad_avx2.c, potentially leading to denial of service.
Vulnerability
CVE-2020-36134 is a segmentation violation discovered in AOM v2.0.1, specifically in the file aom_dsp/x86/obmc_sad_avx2.c. The vulnerability resides in the AV1 Codec SDK library (libaom) and can be triggered when processing crafted input [1].
Exploitation
An attacker may exploit this vulnerability by providing specially crafted AV1 media to an application that uses the vulnerable version of libaom. No authentication is required if the application processes untrusted input. The exact exploitation steps are not publicly disclosed, but the segmentation violation indicates a memory corruption that could be leveraged for further impact [1].
Impact
The immediate impact is a denial-of-service condition caused by the program crash. While the Gentoo security advisory warns that multiple vulnerabilities in libaom can lead to remote code execution, this specific CVE only confirms a segmentation violation [1].
Mitigation
Users should upgrade to libaom version 3.2.0 or later, which contains the fix for this vulnerability. No known workaround exists. The Gentoo security advisory recommends updating via emerge --sync ; emerge --ask --oneshot --verbose ">=media-libs/libaom-3.2.0" [1].
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- AOM/AOMdescription
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- security.gentoo.org/glsa/202401-32mitrevendor-advisory
- bugs.chromium.org/p/aomedia/issues/detailmitre
News mentions
0No linked articles in our index yet.