![Dangerous vulnerabilities in H.264 decoders. [Research Saturday]](https://imgv2-1-f.scribdassets.com/img/audiobook/663033508/198x198/daaf4c778e/1691172429?v=1)
21 min listen
Dangerous vulnerabilities in H.264 decoders. [Research Saturday]
FromCyberWire Daily
ratings:
Length:
24 minutes
Released:
May 20, 2023
Format:
Podcast episode
Description
Willy R. Vasquez from The University of Texas at Austin discussing research on "The Most Dangerous Codec in the World - Finding and Exploiting Vulnerabilities in H.264 Decoders." Researchers are looking at the marvel that is modern video encoding standards such as H.264 for vulnerabilities and ultimately hidden security risks.
The research states "We introduce and evaluate H26FORGE, domain-specific infrastructure for analyzing, generating, and manipulating syntactically correct but semantically spec-non-compliant video files." Using H26FORCE, they were able to uncover insecurities in depth across the video decoder ecosystem, including kernel memory corruption bugs in iOS and video accelerator and application processor kernel memory bugs in Android devices.
The research can be found here:
The Most Dangerous Codec in the World: Finding and Exploiting Vulnerabilities in H.264 Decoders
The research states "We introduce and evaluate H26FORGE, domain-specific infrastructure for analyzing, generating, and manipulating syntactically correct but semantically spec-non-compliant video files." Using H26FORCE, they were able to uncover insecurities in depth across the video decoder ecosystem, including kernel memory corruption bugs in iOS and video accelerator and application processor kernel memory bugs in Android devices.
The research can be found here:
The Most Dangerous Codec in the World: Finding and Exploiting Vulnerabilities in H.264 Decoders
Released:
May 20, 2023
Format:
Podcast episode
More Episodes from CyberWire Daily
Encore: Welcome to New York, it's been waitin' for you. [Research Saturday] by CyberWire Daily