Google is aware that an exploit for CVE-2023-5217 exists in the wild, but the issue was fixed quickly (29-09-2023)

Preface: A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().

Background: A video codec is software or hardware that compresses and decompresses digital video. libvpx is a free software video codec library from Google and the Alliance for Open Media (AOMedia).

Vulnerability details: Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Remedy: Upgrade Google Chrome to version 117.0.5938.132.

Official announcement: Please refer to the link for details – https://nvd.nist.gov/vuln/detail/CVE-2023-5217
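One way to triage an inventory against the fixed Chrome version named in the vulnerability details; this is an added example, not code from Google or from the original post. The host names and version strings in the sample inventory are constructed, and the check covers Google Chrome version strings only.

```python
import re

# Fixed Chrome version stated in the advisory text above.
FIXED_CHROME = (117, 0, 5938, 132)

# Chrome versions are four dot-separated integers, e.g. "117.0.5938.92".
_VERSION_RE = re.compile(r"(?<![\d.])(\d+)\.(\d+)\.(\d+)\.(\d+)(?![\d.])")


def parse_chrome_version(text):
    """Extract the four-part version from strings such as
    'Google Chrome 117.0.5938.92' (the format printed by `--version`).
    Returns a tuple of ints, or None if no version is present."""
    match = _VERSION_RE.search(text)
    if match is None:
        return None
    return tuple(int(part) for part in match.groups())


def classify(text):
    """Return 'vulnerable', 'fixed' or 'unknown' for one version string."""
    version = parse_chrome_version(text)
    if version is None:
        return "unknown"
    # Tuple comparison is numeric per component, so 117.0.5938.92 sorts
    # below 117.0.5938.132 (a plain string comparison would get this wrong).
    return "vulnerable" if version < FIXED_CHROME else "fixed"


def triage(inventory):
    """Map host -> status for a {host: version string} inventory."""
    return {host: classify(raw) for host, raw in inventory.items()}


# Constructed sample inventory (hypothetical hosts and versions).
SAMPLE_INVENTORY = {
    "ws-01": "Google Chrome 117.0.5938.92",
    "ws-02": "Google Chrome 117.0.5938.132",
    "ws-03": "Google Chrome 116.0.5845.187",
    "ws-04": "Google Chrome 118.0.5993.70",
    "ws-05": "chrome not installed",
}

if __name__ == "__main__":
    for host, status in sorted(triage(SAMPLE_INVENTORY).items()):
        print(f"{host}: {status}")
```

Hosts reported as `unknown` need a manual check rather than being treated as patched.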
