Published: 10/01/2022 Updated: 08/08/2023

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

An issue has been found in libde265 v1.0.8 due to incorrect access control. A SEGV caused by a READ memory access in function derive_boundaryStrength of deblock.cc has occurred. The vulnerability causes a segmentation fault and application crash, which leads to remote denial of service.

Vulnerable Product	Search on Vulmon	Subscribe to Product
struktur libde265 1.0.8
debian debian linux 10.0
debian debian linux 11.0

Debian Bug report logs - #1014977 libde265: CVE-2022-1253 CVE-2021-36411 CVE-2021-36410 CVE-2021-36408 CVE-2021-35452 Package: src:libde265; Maintainer for src:libde265 is Debian Multimedia Maintainers <debian-multimedia@listsdebianorg>; Reported by: Moritz Mühlenhoff <jmm@inutilorg> Date: Fri, 15 Jul 2022 15:51:0 ...

Multiple security issues were discovered in libde265, an implementation of the H265 video codec which may result in denial of service and potentially the execution of arbitrary code if a malformed media file is processed For the stable distribution (bullseye), these problems have been fixed in version 1011-0+deb11u1 We recommend that you upgra ...

CWE-125 https://github.com/strukturag/libde265/issues/302 https://lists.debian.org/debian-lts-announce/2022/12/msg00027.html https://www.debian.org/security/2023/dsa-5346 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014977 https://nvd.nist.gov https://www.debian.org/security/2023/dsa-5346

CVE-2021-36411

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect