CVE-2021-30474
📋 TL;DR
CVE-2021-30474 is a use-after-free vulnerability in libaom's grain_table.c that allows memory corruption. Attackers can exploit this to execute arbitrary code or cause denial of service. Systems using AOMedia libaom library for AV1 video processing are affected.
💻 Affected Systems
- AOMedia libaom
- Applications using libaom for AV1 video processing
- Web browsers with AV1 support
- Media players with AV1 support
📦 What is this software?
Aomedia by Aomedia
⚠️ Risk & Real-World Impact
Worst Case
Remote code execution leading to complete system compromise
Likely Case
Application crash or denial of service
If Mitigated
Limited impact with proper memory protections and exploit mitigations
🎯 Exploit Status
Exploitation requires delivering malicious AV1 video content; public proof-of-concept demonstrates crash
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Commit 6e31957b6dc62dbc7d1bb70cd84902dd14c4bf2e and later
Vendor Advisory: https://aomedia.googlesource.com/aom/+/6e31957b6dc62dbc7d1bb70cd84902dd14c4bf2e
Restart Required: Yes
Instructions:
1. Update libaom to version with commit 6e31957b6dc62dbc7d1bb70cd84902dd14c4bf2e or later. 2. Rebuild applications using libaom. 3. Restart affected services.
🔧 Temporary Workarounds
Disable grain synthesis
allDisable AV1 grain synthesis feature to prevent triggering the vulnerability
Set --disable-grain-synthesis in libaom configuration
🧯 If You Can't Patch
- Implement network filtering to block malicious video content
- Use application sandboxing to limit potential damage
🔍 How to Verify
Check if Vulnerable:
Check libaom version: aomenc --version | grep 'v'Check Version:
aomenc --versionVerify Fix Applied:
Verify libaom includes commit 6e31957b6dc62dbc7d1bb70cd84902dd14c4bf2e: git log --oneline | grep '6e31957'📡 Detection & Monitoring
Log Indicators:
- Application crashes with segmentation faults
- Memory corruption errors in system logs
Network Indicators:
- Unusual AV1 video file transfers
- Exploit kit traffic patterns
SIEM Query:
source="*application.logs*" AND ("segmentation fault" OR "use-after-free" OR "libaom")🔗 References
- https://aomedia.googlesource.com/aom/+/6e31957b6dc62dbc7d1bb70cd84902dd14c4bf2e
- https://bugs.chromium.org/p/aomedia/issues/detail?id=3000
- https://lists.debian.org/debian-lts-announce/2023/09/msg00003.html
- https://security.gentoo.org/glsa/202401-32
- https://www.debian.org/security/2023/dsa-5490
- https://aomedia.googlesource.com/aom/+/6e31957b6dc62dbc7d1bb70cd84902dd14c4bf2e
- https://bugs.chromium.org/p/aomedia/issues/detail?id=3000
- https://lists.debian.org/debian-lts-announce/2023/09/msg00003.html
- https://security.gentoo.org/glsa/202401-32
- https://www.debian.org/security/2023/dsa-5490
