It was found that libde265, an open source implementation of the H.265 video codec, had multiple vulnerabilities that could cause both stack and heap out-of-bounds writes, leading to denial of service, etc. For Debian 11 bullseye, these problems have been fixed in version 1.0.11-0+deb11u4.

-------------------------------------------------------------------------
Debian LTS Advisory DLA-4550-1

Multiple vulnerabilities have been discovered in libde265, the worst of which could lead to arbitrary code execution.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                          GLSA 202408-20
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                          https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: Normal
    Title: libde265: Multiple Vulnerabilities
     Date: August 10, 2024
     Bugs: #813486, #889876
       ID: 202408-20

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Multiple vulnerabilities have been discovered in libde265, the worst of which could lead to arbitrary code execution.

Background
==========

Open h.265 video codec implementation.

Affected packages
=================

Package              Vulnerable    Unaffected
-------------------  ------------  ------------
media-libs/libde265  < 1.0.11      >= 1.0.11

Description
===========

Multiple vulnerabilities have been discovered in libde265. Please review the CVE identifiers referenced below for details.

Impact
======

Please review the referenced CVE identifiers for details.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All libde265 users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=media-libs/libde265-1.0.11"

References
==========

[ 1 ] CVE-2020-21594 https://nvd.nist.gov/vuln/detail/CVE-2020-21594
[ 2 ] CVE-2020-21595 https://nvd.nist.gov/vuln/detail/CVE-2020-21595
[ 3 ] CVE-2020-21596 https://nvd.nist.gov/vuln/detail/CVE-2020-21596
[ 4 ] CVE-2020-21597 https://nvd.nist.gov/vuln/detail/CVE-2020-21597
[ 5 ] CVE-2020-21598 https://nvd.nist.gov/vuln/detail/CVE-2020-21598
[ 6 ] CVE-2020-21599 https://nvd.nist.gov/vuln/detail/CVE-2020-21599
[ 7 ] CVE-2020-21600 https://nvd.nist.gov/vuln/detail/CVE-2020-21600
[ 8 ] CVE-2020-21601 https://nvd.nist.gov/vuln/detail/CVE-2020-21601
[ 9 ] CVE-2020-21602 https://nvd.nist.gov/vuln/detail/CVE-2020-21602
[ 10 ] CVE-2020-21603 https://nvd.nist.gov/vuln/detail/CVE-2020-21603
[ 11 ] CVE-2020-21604 https://nvd.nist.gov/vuln/detail/CVE-2020-21604
[ 12 ] CVE-2020-21605 https://nvd.nist.gov/vuln/detail/CVE-2020-21605
[ 13 ] CVE-2020-21606 https://nvd.nist.gov/vuln/detail/CVE-2020-21606
[ 14 ] CVE-2021-35452 https://nvd.nist.gov/vuln/detail/CVE-2021-35452
[ 15 ] CVE-2021-36408 https://nvd.nist.gov/vuln/detail/CVE-2021-36408
[ 16 ] CVE-2021-36409 https://nvd.nist.gov/vuln/detail/CVE-2021-36409
[ 17 ] CVE-2021-36410 https://nvd.nist.gov/vuln/detail/CVE-2021-36410
[ 18 ] CVE-2021-36411 https://nvd.nist.gov/vuln/detail/CVE-2021-36411
[ 19 ] CVE-2022-1253 https://nvd.nist.gov/vuln/detail/CVE-2022-1253
[ 20 ] CVE-2022-43235 https://nvd.nist.gov/vuln/detail/CVE-2022-43235
[ 21 ] CVE-2022-43236 https://nvd.nist.gov/vuln/detail/CVE-2022-43236
[ 22 ] CVE-2022-43237 https://nvd.nist.gov/vuln/detail/CVE-2022-43237
[ 23 ] CVE-2022-43238 https://nvd.nist.gov/vuln/detail/CVE-2022-43238
[ 24 ] CVE-2022-43239 https://nvd.nist.gov/vuln/detail/CVE-2022-43239
[ 25 ] CVE-2022-43240 https://nvd.nist.gov/vuln/detail/CVE-2022-43240
[ 26 ] CVE-2022-43241 https://nvd.nist.gov/vuln/detail/CVE-2022-43241
[ 27 ] CVE-2022-43242 https://nvd.nist.gov/vuln/detail/CVE-2022-43242
[ 28 ] CVE-2022-43243 https://nvd.nist.gov/vuln/detail/CVE-2022-43243
[ 29 ] CVE-2022-43244 https://nvd.nist.gov/vuln/detail/CVE-2022-43244
[ 30 ] CVE-2022-43245 https://nvd.nist.gov/vuln/detail/CVE-2022-43245
[ 31 ] CVE-2022-43248 https://nvd.nist.gov/vuln/detail/CVE-2022-43248
[ 32 ] CVE-2022-43249 https://nvd.nist.gov/vuln/detail/CVE-2022-43249
[ 33 ] CVE-2022-43250 https://nvd.nist.gov/vuln/detail/CVE-2022-43250
[ 34 ] CVE-2022-43252 https://nvd.nist.gov/vuln/detail/CVE-2022-43252
[ 35 ] CVE-2022-43253 https://nvd.nist.gov/vuln/detail/CVE-2022-43253
[ 36 ] CVE-2022-47655 https://nvd.nist.gov/vuln/detail/CVE-2022-47655
[ 37 ] CVE-2022-47664 https://nvd.nist.gov/vuln/detail/CVE-2022-47664
[ 38 ] CVE-2022-47665 https://nvd.nist.gov/vuln/detail/CVE-2022-47665
[ 39 ] CVE-2023-24751 https://nvd.nist.gov/vuln/detail/CVE-2023-24751
[ 40 ] CVE-2023-24752 https://nvd.nist.gov/vuln/detail/CVE-2023-24752
[ 41 ] CVE-2023-24754 https://nvd.nist.gov/vuln/detail/CVE-2023-24754
[ 42 ] CVE-2023-24755 https://nvd.nist.gov/vuln/detail/CVE-2023-24755
[ 43 ] CVE-2023-24756 https://nvd.nist.gov/vuln/detail/CVE-2023-24756
[ 44 ] CVE-2023-24757 https://nvd.nist.gov/vuln/detail/CVE-2023-24757
[ 45 ] CVE-2023-24758 https://nvd.nist.gov/vuln/detail/CVE-2023-24758
[ 46 ] CVE-2023-25221 https://nvd.nist.gov/vuln/detail/CVE-2023-25221

Availability
============

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

  https://security.gentoo.org/glsa/202408-20

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to

libde265 could be made to crash if it opened a specially crafted file.

==========================================================================
Ubuntu Security Notice USN-6764-1
May 07, 2024

libde265 vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 23.10
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS

Summary:

libde265 could be made to crash if it opened a specially crafted file.

Software Description:
- libde265: Open H.265 video codec implementation

Details:

It was discovered that libde265 could be made to allocate memory that exceeds the maximum supported size. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service.

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 23.10
  libde265-0    1.0.12-2ubuntu0.2

Ubuntu 22.04 LTS
  libde265-0    1.0.8-1ubuntu0.3+esm1
                Available with Ubuntu Pro

Ubuntu 20.04 LTS
  libde265-0    1.0.4-1ubuntu0.4+esm1
                Available with Ubuntu Pro

Ubuntu 18.04 LTS
  libde265-0    1.0.2-2ubuntu0.18.04.1~esm5
                Available with Ubuntu Pro

Ubuntu 16.04 LTS
  libde265-0    1.0.2-2ubuntu0.16.04.1~esm5
                Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-6764-1
  CVE-2023-51792

Package Information:
  https://launchpad.net/ubuntu/+source/libde265/1.0.12-2ubuntu0.2

Ubuntu Security Advisory USN-6765-1: libpng could be exploited through crafted images. Prompt installation of patches advised.

Severity: Important.
LinuxSecurity.com Team

Several security issues were fixed in libde265.

==========================================================================
Ubuntu Security Notice USN-6677-1
March 05, 2024

libde265 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 23.10
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS (Available with Ubuntu Pro)
- Ubuntu 16.04 LTS (Available with Ubuntu Pro)

Summary:

Several security issues were fixed in libde265.

Software Description:
- libde265: Open H.265 video codec implementation

Details:

It was discovered that libde265 could be made to dereference invalid memory. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2023-27102)

It was discovered that libde265 could be made to write out of bounds. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2023-27103)

It was discovered that libde265 could be made to write out of bounds. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2023-43887, CVE-2023-47471, CVE-2023-49465, CVE-2023-49467, CVE-2023-49468)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 23.10:
  libde265-0    1.0.12-2ubuntu0.1

Ubuntu 22.04 LTS:
  libde265-0    1.0.8-1ubuntu0.3

Ubuntu 20.04 LTS:
  libde265-0    1.0.4-1ubuntu0.4

Ubuntu 18.04 LTS (Available with Ubuntu Pro):
  libde265-0    1.0.2-2ubuntu0.18.04.1~esm4

Ubuntu 16.04 LTS (Available with Ubuntu Pro):
  libde265-0    1.0.2-2ubuntu0.16.04.1~esm4

In general, a standard system update will make all the necessary changes.

References:
  CVE-2023-27102, CVE-2023-27103, CVE-2023-43887, CVE-2023-47471, CVE-2023-49465, CVE-2023-49467, CVE-2023-49468

Package Information:
  https://launchpad.net/ubuntu/+source/libde265/1.0.8-1ubuntu0.3
  https://launchpad.net/ubuntu/+source/libde265/1.0.4-1ubuntu0.4

Several vulnerabilities present in libde265 may result in service disruptions or arbitrary code execution. Ensure you apply the most recent security updates.

Severity: Critical.
LinuxSecurity.com Team

Several security issues were fixed in libde265.

==========================================================================
Ubuntu Security Notice USN-6659-1
February 26, 2024

libde265 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS (Available with Ubuntu Pro)
- Ubuntu 16.04 LTS (Available with Ubuntu Pro)

Summary:

Several security issues were fixed in libde265.

Software Description:
- libde265: Open H.265 video codec implementation

Details:

It was discovered that libde265 could be made to write out of bounds. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2022-43244, CVE-2022-43249, CVE-2022-43250, CVE-2022-47665, CVE-2023-25221)

It was discovered that libde265 could be made to read out of bounds. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service. (CVE-2022-43245)

It was discovered that libde265 could be made to dereference invalid memory. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service. (CVE-2023-24751, CVE-2023-24752, CVE-2023-24754, CVE-2023-24755, CVE-2023-24756, CVE-2023-24757, CVE-2023-24758)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 22.04 LTS:
  libde265-0    1.0.8-1ubuntu0.2

Ubuntu 20.04 LTS:
  libde265-0    1.0.4-1ubuntu0.3

Ubuntu 18.04 LTS (Available with Ubuntu Pro):
  libde265-0    1.0.2-2ubuntu0.18.04.1~esm3

Ubuntu 16.04 LTS (Available with Ubuntu Pro):
  libde265-0    1.0.2-2ubuntu0.16.04.1~esm3

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-6659-1
  CVE-2022-43244, CVE-2022-43245, CVE-2022-43249, CVE-2022-43250, CVE-2022-47665, CVE-2023-24751, CVE-2023-24752, CVE-2023-24754, CVE-2023-24755, CVE-2023-24756, CVE-2023-24757, CVE-2023-24758, CVE-2023-25221

Package Information:
  https://launchpad.net/ubuntu/+source/libde265/1.0.8-1ubuntu0.2

Important patches for libde265 resolve various vulnerabilities and possible denial of service risks in Ubuntu 22.04 and prior versions.

Severity: Critical.
LinuxSecurity.com Team

Several security issues were fixed in libde265.

==========================================================================
Ubuntu Security Notice USN-6627-1
February 08, 2024

libde265 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS (Available with Ubuntu Pro)
- Ubuntu 16.04 LTS (Available with Ubuntu Pro)

Summary:

Several security issues were fixed in libde265.

Software Description:
- libde265: Open H.265 video codec implementation

Details:

It was discovered that libde265 could be made to read out of bounds. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service. (CVE-2021-35452, CVE-2021-36411, CVE-2022-43238, CVE-2022-43241, CVE-2022-43242)

It was discovered that libde265 did not properly manage memory. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 22.04 LTS. (CVE-2021-36408)

It was discovered that libde265 contained a logical error. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service. (CVE-2021-36409)

It was discovered that libde265 could be made to write out of bounds. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2021-36410, CVE-2022-43235, CVE-2022-43236, CVE-2022-43237, CVE-2022-43239, CVE-2022-43240, CVE-2022-43243, CVE-2022-43248, CVE-2022-43252, CVE-2022-43253)

It was discovered that libde265 could be made to write out of bounds. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-1253)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 22.04 LTS:
  libde265-0    1.0.8-1ubuntu0.1

Ubuntu 20.04 LTS:
  libde265-0    1.0.4-1ubuntu0.2

Ubuntu 18.04 LTS (Available with Ubuntu Pro):
  libde265-0    1.0.2-2ubuntu0.18.04.1~esm2

Ubuntu 16.04 LTS (Available with Ubuntu Pro):
  libde265-0    1.0.2-2ubuntu0.16.04.1~esm2

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-6627-1
  CVE-2021-35452, CVE-2021-36408, CVE-2021-36409, CVE-2021-36410, CVE-2021-36411, CVE-2022-1253, CVE-2022-43235, CVE-2022-43236, CVE-2022-43237, CVE-2022-43238, CVE-2022-43239, CVE-2022-43240, CVE-2022-43241, CVE-2022-43242, CVE-2022-43243, CVE-2022-43248, CVE-2022-43252, CVE-2022-43253

Package Information:
  https://launchpad.net/ubuntu/+source/libde265/1.0.4-1ubuntu0.2

Vulnerabilities in Ubuntu's libde265 resolved through recent updates. Verify that all systems are updated to mitigate risks of possible code execution exploits.

Severity: Important.
LinuxSecurity.com Team

Several security issues were fixed in libde265.

==========================================================================
Ubuntu Security Notice USN-6617-1
January 30, 2024

libde265 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS (Available with Ubuntu Pro)
- Ubuntu 16.04 LTS (Available with Ubuntu Pro)

Summary:

Several security issues were fixed in libde265.

Software Description:
- libde265: Open H.265 video codec implementation

Details:

It was discovered that libde265 could be made to write out of bounds. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2020-21594)

It was discovered that libde265 could be made to write out of bounds. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2020-21595, CVE-2020-21596, CVE-2020-21599, CVE-2020-21600, CVE-2020-21601, CVE-2020-21602, CVE-2020-21603, CVE-2020-21604, CVE-2020-21605)

It was discovered that libde265 did not properly manage memory. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 20.04 LTS. (CVE-2020-21597, CVE-2020-21598, CVE-2020-21606, CVE-2021-36408)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 20.04 LTS:
  libde265-0    1.0.4-1ubuntu0.1

Ubuntu 18.04 LTS (Available with Ubuntu Pro):
  libde265-0    1.0.2-2ubuntu0.18.04.1~esm1

Ubuntu 16.04 LTS (Available with Ubuntu Pro):
  libde265-0    1.0.2-2ubuntu0.16.04.1~esm1

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-6617-1
  CVE-2020-21594, CVE-2020-21595, CVE-2020-21596, CVE-2020-21597, CVE-2020-21598, CVE-2020-21599, CVE-2020-21600, CVE-2020-21601, CVE-2020-21602, CVE-2020-21603, CVE-2020-21604, CVE-2020-21605, CVE-2020-21606, CVE-2021-36408

Package Information:

Mitigating various vulnerabilities in libde265 across Ubuntu distributions to avert possible execution flaws and service disruptions.

LinuxSecurity.com Team

Three issues have been found in libde265, an open H.265 video codec implementation. All issues are related to heap-buffer-overflow or global buffer overflow in different functions.

-------------------------------------------------------------------------
Debian LTS Advisory DLA-3699-1