Authored by Google Security Research, Nick Galloway

There is an integer overflow in dav1d when decoding an AV1 video with large width/height. The integer overflow may result in an out-of-bounds write.

advisories | CVE-2024-1580