You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
cve-2025-8879
About this tag
CVE-2025-8879 is a high-severity heap buffer overflow vulnerability in the libaom AV1 codec library. It was patched in Chrome stable channel updates to versions 139.0.7258.127/.128 on Windows and macOS, and 139.0.7258.127 on Linux. The flaw could allow an attacker to cause a heap overflow via crafted AV1 media. Browser vendors using Chromium are also rolling out the fix. This tag covers discussions about the vulnerability, its impact, and the patch deployment across Chromium-based browsers.
A high-severity heap buffer overflow in the AV1 codec library libaom — tracked as CVE-2025-8879 — has been fixed in the latest Chromium builds; Google pushed the patch in Chrome stable channel updates to versions 139.0.7258.127/.128 (Windows and macOS) and 139.0.7258.127 (Linux), and browser...