Published: 10/01/2022 Updated: 16/02/2023

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8

VMScore: 605

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

There is an Assertion `scaling_list_pred_matrix_id_delta==1' failed at sps.cc:925 in libde265 v1.0.8 when decoding file, which allows malicious users to cause a Denial of Service (DoS) by running the application with a crafted file or possibly have unspecified other impact.

Vulnerable Product	Search on Vulmon	Subscribe to Product
struktur libde265 1.0.8
debian debian linux 10.0
debian debian linux 11.0

Debian Bug report logs - #1014977 libde265: CVE-2022-1253 CVE-2021-36411 CVE-2021-36410 CVE-2021-36408 CVE-2021-35452 Package: src:libde265; Maintainer for src:libde265 is Debian Multimedia Maintainers <debian-multimedia@listsdebianorg>; Reported by: Moritz Mühlenhoff <jmm@inutilorg> Date: Fri, 15 Jul 2022 15:51:0 ...

Multiple security issues were discovered in libde265, an implementation of the H265 video codec which may result in denial of service and potentially the execution of arbitrary code if a malformed media file is processed For the stable distribution (bullseye), these problems have been fixed in version 1011-0+deb11u1 We recommend that you upgra ...

CWE-617 https://github.com/strukturag/libde265/issues/300 https://lists.debian.org/debian-lts-announce/2022/12/msg00027.html https://www.debian.org/security/2023/dsa-5346 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014977 https://nvd.nist.gov https://www.debian.org/security/2023/dsa-5346

CVE-2021-36409

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect