CVE-2026-56210: Out-of-bounds Read in Red Hat Red Hat Enterprise Linux 10
A heap-buffer-overflow read vulnerability was found in libaom, the reference AV1 codec implementation. A missing bounds check in the SVC (Scalable Video Coding) layer ID control function allows setting a spatial_layer_id exceeding the configured number of layers. This causes an out-of-bounds heap read of approximately 40,728 bytes when computing a layer context array index. An attacker who can influence SVC encoder parameters in a network-facing service could exploit this for information disclosure (heap content leak) or denial of service (segmentation fault from hitting unmapped memory).
AI Analysis
Technical Summary
This vulnerability in libaom's SVC layer ID control function allows an out-of-bounds heap read due to missing bounds checking on spatial_layer_id. When an attacker sets a spatial_layer_id exceeding the configured layers, the code reads approximately 40,728 bytes beyond the heap buffer while computing a layer context array index. This can result in information disclosure (heap content leak) or denial of service (segmentation fault from accessing unmapped memory). The flaw affects Red Hat Enterprise Linux 10 where libaom is used in network-facing services that accept SVC encoder parameters.
Potential Impact
An attacker capable of influencing SVC encoder parameters in a network-facing service can exploit this vulnerability to read out-of-bounds heap memory, leading to potential information disclosure. Additionally, exploitation may cause a denial of service due to segmentation faults from accessing invalid memory regions. The CVSS score of 8.2 indicates high severity with network attack vector, low attack complexity, no privileges or user interaction required, and impact primarily on confidentiality and availability.
Mitigation Recommendations
Patch status is not yet confirmed — check the Red Hat advisory at https://access.redhat.com/security/cve/CVE-2026-56210 for current remediation guidance. Until an official fix is available, restrict or monitor access to network-facing services that accept SVC encoder parameters to reduce exposure. Avoid processing untrusted or malformed AV1 video streams that could trigger this vulnerability.
CVE-2026-56210: Out-of-bounds Read in Red Hat Red Hat Enterprise Linux 10
Description
A heap-buffer-overflow read vulnerability was found in libaom, the reference AV1 codec implementation. A missing bounds check in the SVC (Scalable Video Coding) layer ID control function allows setting a spatial_layer_id exceeding the configured number of layers. This causes an out-of-bounds heap read of approximately 40,728 bytes when computing a layer context array index. An attacker who can influence SVC encoder parameters in a network-facing service could exploit this for information disclosure (heap content leak) or denial of service (segmentation fault from hitting unmapped memory).
CVSS v3.1
Score 7.1high
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This vulnerability in libaom's SVC layer ID control function allows an out-of-bounds heap read due to missing bounds checking on spatial_layer_id. When an attacker sets a spatial_layer_id exceeding the configured layers, the code reads approximately 40,728 bytes beyond the heap buffer while computing a layer context array index. This can result in information disclosure (heap content leak) or denial of service (segmentation fault from accessing unmapped memory). The flaw affects Red Hat Enterprise Linux 10 where libaom is used in network-facing services that accept SVC encoder parameters.
Potential Impact
An attacker capable of influencing SVC encoder parameters in a network-facing service can exploit this vulnerability to read out-of-bounds heap memory, leading to potential information disclosure. Additionally, exploitation may cause a denial of service due to segmentation faults from accessing invalid memory regions. The CVSS score of 8.2 indicates high severity with network attack vector, low attack complexity, no privileges or user interaction required, and impact primarily on confidentiality and availability.
Mitigation Recommendations
Patch status is not yet confirmed — check the Red Hat advisory at https://access.redhat.com/security/cve/CVE-2026-56210 for current remediation guidance. Until an official fix is available, restrict or monitor access to network-facing services that accept SVC encoder parameters to reduce exposure. Avoid processing untrusted or malformed AV1 video streams that could trigger this vulnerability.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- redhat
- Date Reserved
- 2026-06-19T15:50:16.801Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Remediation Level
- null
- Vendor Advisory Urls
- [{"url":"https://access.redhat.com/security/cve/CVE-2026-56210","vendor":"Red Hat"}]
Threat ID: 6a3576cef198dc38c1c38ecd
Added to database: 6/19/2026, 5:05:18 PM
Last enriched: 6/19/2026, 5:20:07 PM
Last updated: 6/19/2026, 6:54:46 PM
Views: 6
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.