Published: 02/11/2022 Updated: 27/02/2023

CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8

VMScore: 0

Libde265 v1.0.8 exists to contain a heap-buffer-overflow vulnerability via put_qpel_fallback<unsigned short> in fallback-motion.cc. This vulnerability allows malicious users to cause a Denial of Service (DoS) via a crafted video file.

Vulnerable Product	Search on Vulmon	Subscribe to Product
struktur libde265 1.0.8
debian debian linux 10.0
debian debian linux 11.0

Debian Bug report logs - #1027179 libde265: CVE-2022-43235 CVE-2022-43236 CVE-2022-43237 CVE-2022-43238 CVE-2022-43239 CVE-2022-43240 CVE-2022-43241 CVE-2022-43242 CVE-2022-43244 CVE-2022-43245 CVE-2022-43249 CVE-2022-43250 CVE-2022-43252 Package: src:libde265; Maintainer for src:libde265 is Debian Multimedia Maintainers <debian-multim ...

Debian Bug report logs - #1029357 libde265: CVE-2022-43245 CVE-2022-43249 Package: src:libde265; Maintainer for src:libde265 is Debian Multimedia Maintainers <debian-multimedia@listsdebianorg>; Reported by: Moritz Mühlenhoff <jmm@inutilorg> Date: Wed, 28 Dec 2022 22:51:02 UTC Severity: important Tags: security, u ...

Multiple security issues were discovered in libde265, an implementation of the H265 video codec which may result in denial of service and potentially the execution of arbitrary code if a malformed media file is processed For the stable distribution (bullseye), these problems have been fixed in version 1011-0+deb11u1 We recommend that you upgra ...

CWE-787 https://github.com/strukturag/libde265/issues/342 https://lists.debian.org/debian-lts-announce/2023/01/msg00020.html https://www.debian.org/security/2023/dsa-5346 https://nvd.nist.gov https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1027179 https://www.debian.org/security/2023/dsa-5346

CVE-2022-43244

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect