
Debian 10: DLA-3352-1 High: libde265 Denial Of Service Risk

Debian LTS, March 4, 2023
Essential security patch for libde265 in Debian LTS targeting heap overflow vulnerabilities and denial-of-service risks. Update is advised.
Multiple issues were found in libde265, an open source implementation of the h.265 video codec, which may result in denial of service, possibly code execution due to a heap-based b...

Summary

CVE-2023-24751

libde265 v1.0.10 was discovered to contain a NULL pointer
dereference in the mc_chroma function at motion.cc. This
vulnerability allows attackers to cause a Denial of Service (DoS)
via a crafted input file.

CVE-2023-24752

libde265 v1.0.10 was discovered to contain a NULL pointer
dereference in the ff_hevc_put_hevc_epel_pixels_8_sse function at
sse-motion.cc. This vulnerability allows attackers to cause a Denial
of Service (DoS) via a crafted input file.

CVE-2023-24754

libde265 v1.0.10 was discovered to contain a NULL pointer
dereference in the ff_hevc_put_weighted_pred_avg_8_sse function at
sse-motion.cc. This vulnerability allows attackers to cause a Denial
of Service (DoS) via a crafted input file.

CVE-2023-24755

libde265 v1.0.10 was discovered to contain a NULL pointer
dereference in the put_weighted_pred_8_fallback function at
fallback-motion.cc. This vulnerability allows attackers to cause a



Package: libde265
Version: 1.0.11-0+deb10u4
CVE ID: CVE-2023-24751 CVE-2023-24752 CVE-2023-24754 CVE-2023-24755
Debian Bug:
