Piotr Bania, Cory Duplantis and Martin Zeiser of Cisco Talos discovered this vulnerability.

Today, Cisco Talos is disclosing a vulnerability that we identified in the MKVToolNix mkvinfo utility that parses the Matroska file format video files (.mkv files).

MKVToolNix is a set of tools to create, alter and inspect Matroska files on Linux, Windows and other operating systems.

Matroska is a file format for storing common multimedia content, like movies or TV shows, with implementations consisting of mostly of open-source software. Matroska file extensions are MKV for video, MK3D for stereoscopic video, MKA for audio-only files and MKS for subtitle-only files.



Talos Group

Talos Security Intelligence & Research Group