all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

The Most Dangerous Codec in the World: Finding and Exploiting Vulnerabilities in H.264 Decoders

Add to bookmarks
Feb. 23, 2024, 5:45 p.m. | Black Hat

Black Hat www.youtube.com

Modern video encoding standards such as H.264 are a marvel of hidden complexity. But with hidden complexity comes hidden security risk. Decoding video today involves interacting with dedicated hardware accelerators and the proprietary, privileged software components used to drive them. The video decoder ecosystem is obscure, opaque, diverse, highly privileged, largely untested, and highly exposed -- a dangerous combination.

We introduce H26Forge, a framework that carefully crafts video files to expose edge cases in H.264 decoders....

By: Stephen Checkoway , …

accelerators complexity components decoder decoding drive ecosystem encoding exploiting hardware hidden privileged risk security security risk software software components standards today video vulnerabilities world

Visit resource

More from www.youtube.com / Black Hat

Black Hat Asia 2024 Highlights 3 weeks, 3 days ago | www.youtube.com
asia black hat black hat asia black hat asia 2024
Startup Spotlight Competition at Black Hat 1 month, 1 week ago | www.youtube.com
bhusa blackhat cybersecurity infosec +1
Locknote: Conclusions and Key Takeaways from Day 2 1 month, 4 weeks ago | www.youtube.com
black hat black hat europe board board members +15
Locknote: Conclusions and Key Takeaways from Day 1 1 month, 4 weeks ago | www.youtube.com
black hat black hat europe board board members +16
Keynote: My Lessons from the Uber Case 1 month, 4 weeks ago | www.youtube.com
addition best practices case convicted +16
Keynote: Industrialising Cyber Defence in an Asymmetric World 2 months ago | www.youtube.com
adversaries challenge cyber cyber defence +10
The Black Hat Europe Network Operations Center (NOC) Report 2 months ago | www.youtube.com
back black hat black hat europe center +14
My Invisible Adversary: Burnout 2 months ago | www.youtube.com
adversary attackers attacks burnout +11
The Magnetic Pull of Mutable Protection: Worked Examples in Cryptographic Agility 2 months ago | www.youtube.com
analysis ask bad codeql +10

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland
View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City
View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL
View on infosec-jobs.com

Senior Security Researcher - Linux MacOS EDR (Cortex)

@ Palo Alto Networks | Tel Aviv-Yafo, Israel
View on infosec-jobs.com

Sr. Manager, NetSec GTM Programs

@ Palo Alto Networks | Santa Clara, CA, United States
View on infosec-jobs.com

SOC Analyst I

@ Fortress Security Risk Management | Cleveland, OH, United States
View on infosec-jobs.com