Debian Libde265 vulnerabilities

60 known vulnerabilities affecting debian/libde265.

Total CVEs: 60
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: CRITICAL 1, HIGH 12, MEDIUM 45, LOW 2

Vulnerabilities

Page 1 of 3
CVE-2026-33164 | HIGH | CVSS 8.7 | fixed in libde265 1.0.18-1 (forky) | 2026
CVE-2026-33164 [HIGH] libde265: libde265 is an open source implementation of the h.265 video codec. Prior to version 1.0.17, a malformed H.265 PPS NAL unit causes a segmentation fault in pic_parameter_set::set_derived_values(). This issue has been patched in version 1.0.17. Scope: local. bookworm: open; bullseye: open; forky: resolved (fixed in 1.0.18-1); sid: resolved (fixed in 1.0.18-1); trixie: ope
CVE-2026-33165 | MEDIUM | CVSS 5.5 | fixed in libde265 1.0.18-1 (forky) | 2026
CVE-2026-33165 [MEDIUM] libde265: libde265 is an open source implementation of the h.265 video codec. Prior to version 1.0.17, a crafted HEVC bitstream causes an out-of-bounds heap write confirmed by AddressSanitizer. The trigger is a stale ctb_info.log2unitSize after an SPS change where PicWidthInCtbsY and PicHeightInCtbsY stay constant but Log2CtbSizeY changes, causing set_SliceHeaderIndex to i
CVE-2025-29482 | MEDIUM | CVSS 6.2 | fixed in libde265 1.0.7-1 (bookworm) | 2025
CVE-2025-29482 [MEDIUM] libde265: Buffer Overflow vulnerability in libheif 1.19.7 allows a local attacker to execute arbitrary code via the SAO (Sample Adaptive Offset) processing of libde265. Scope: local. bookworm: resolved (fixed in 1.0.7-1); bullseye: resolved (fixed in 1.0.7-1); forky: resolved (fixed in 1.0.7-1); sid: resolved (fixed in 1.0.7-1); trixie: resolved (fixed in 1.0.7-1)
CVE-2025-61147 | LOW | CVSS 6.2 | fixed in libde265 1.0.18-1 (forky) | 2025
CVE-2025-61147 [MEDIUM] libde265: strukturag libde265 commit d9fea9d was discovered to contain a segmentation fault via the component decoder_context::compute_framedrop_table(). Scope: local. bookworm: open; bullseye: open; forky: resolved (fixed in 1.0.18-1); sid: resolved (fixed in 1.0.18-1); trixie: open
CVE-2024-38949 | MEDIUM | CVSS 6.5 | 2024
CVE-2024-38949 [MEDIUM] libde265: Heap Buffer Overflow vulnerability in Libde265 v1.0.15 allows attackers to crash the application via crafted payload to display444as420 function at sdl.cc. Scope: local. bookworm: open; bullseye: open; forky: open; sid: open; trixie: open
CVE-2024-38950 | MEDIUM | CVSS 6.5 | 2024
CVE-2024-38950 [MEDIUM] libde265: Heap Buffer Overflow vulnerability in Libde265 v1.0.15 allows attackers to crash the application via crafted payload to __interceptor_memcpy function. Scope: local. bookworm: open; bullseye: open; forky: open; sid: open; trixie: open
CVE-2023-27103 | HIGH | CVSS 8.8 | fixed in libde265 1.0.11-1+deb12u1 (bookworm) | 2023
CVE-2023-27103 [HIGH] libde265: Libde265 v1.0.11 was discovered to contain a heap buffer overflow via the function derive_collocated_motion_vectors at motion.cc. Scope: local. bookworm: resolved (fixed in 1.0.11-1+deb12u1); bullseye: resolved (fixed in 1.0.11-0+deb11u2); forky: resolved (fixed in 1.0.12-1); sid: resolved (fixed in 1.0.12-1); trixie: resolved (fixed in 1.0.12-1)
CVE-2023-25221 | HIGH | CVSS 7.8 | fixed in libde265 1.0.11-1 (bookworm) | 2023
CVE-2023-25221 [HIGH] libde265: Libde265 v1.0.10 was discovered to contain a heap-buffer-overflow vulnerability in the derive_spatial_luma_vector_prediction function in motion.cc. Scope: local. bookworm: resolved (fixed in 1.0.11-1); bullseye: resolved (fixed in 1.0.11-0+deb11u1); forky: resolved (fixed in 1.0.11-1); sid: resolved (fixed in 1.0.11-1); trixie: resolved (fixed in 1.0.11-1)
CVE-2023-43887 | HIGH | CVSS 8.1 | fixed in libde265 1.0.11-1+deb12u1 (bookworm) | 2023
CVE-2023-43887 [HIGH] libde265: Libde265 v1.0.12 was discovered to contain multiple buffer overflows via the num_tile_columns and num_tile_row parameters in the function pic_parameter_set::dump. Scope: local. bookworm: resolved (fixed in 1.0.11-1+deb12u1); bullseye: resolved (fixed in 1.0.11-0+deb11u2); forky: resolved (fixed in 1.0.13-1); sid: resolved (fixed in 1.0.13-1); trixie: resolved (fixed in
CVE-2023-49468 | HIGH | CVSS 8.8 | fixed in libde265 1.0.11-1+deb12u2 (bookworm) | 2023
CVE-2023-49468 [HIGH] libde265: Libde265 v1.0.14 was discovered to contain a global buffer overflow vulnerability in the read_coding_unit function at slice.cc. Scope: local. bookworm: resolved (fixed in 1.0.11-1+deb12u2); bullseye: resolved (fixed in 1.0.11-0+deb11u3); forky: resolved (fixed in 1.0.15-1); sid: resolved (fixed in 1.0.15-1); trixie: resolved (fixed in 1.0.15-1)
CVE-2023-49465 | HIGH | CVSS 8.8 | fixed in libde265 1.0.11-1+deb12u2 (bookworm) | 2023
CVE-2023-49465 [HIGH] libde265: Libde265 v1.0.14 was discovered to contain a heap-buffer-overflow vulnerability in the derive_spatial_luma_vector_prediction function at motion.cc. Scope: local. bookworm: resolved (fixed in 1.0.11-1+deb12u2); bullseye: resolved (fixed in 1.0.11-0+deb11u3); forky: resolved (fixed in 1.0.15-1); sid: resolved (fixed in 1.0.15-1); trixie: resolved (fixed in 1.0.15-1)
CVE-2023-49467 | HIGH | CVSS 8.8 | fixed in libde265 1.0.11-1+deb12u2 (bookworm) | 2023
CVE-2023-49467 [HIGH] libde265: Libde265 v1.0.14 was discovered to contain a heap-buffer-overflow vulnerability in the derive_combined_bipredictive_merging_candidates function at motion.cc. Scope: local. bookworm: resolved (fixed in 1.0.11-1+deb12u2); bullseye: resolved (fixed in 1.0.11-0+deb11u3); forky: resolved (fixed in 1.0.15-1); sid: resolved (fixed in 1.0.15-1); trixie: resolved (fixed in 1.0.1
CVE-2023-24751 | MEDIUM | CVSS 6.5 | fixed in libde265 1.0.11-1 (bookworm) | 2023
CVE-2023-24751 [MEDIUM] libde265: libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the mc_chroma function at motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input file. Scope: local. bookworm: resolved (fixed in 1.0.11-1); bullseye: resolved (fixed in 1.0.11-0+deb11u1); forky: resolved (fixed in 1.0.11-1); sid: resolved (fixed in
CVE-2023-47471 | MEDIUM | CVSS 6.5 | fixed in libde265 1.0.11-1+deb12u1 (bookworm) | 2023
CVE-2023-47471 [MEDIUM] libde265: Buffer Overflow vulnerability in strukturag libde265 v1.10.12 allows a local attacker to cause a denial of service via the slice_segment_header function in the slice.cc component. Scope: local. bookworm: resolved (fixed in 1.0.11-1+deb12u1); bullseye: resolved (fixed in 1.0.11-0+deb11u2); forky: resolved (fixed in 1.0.13-1); sid: resolved (fixed in 1.0.13-1); trixie:
CVE-2023-27102 | MEDIUM | CVSS 6.5 | fixed in libde265 1.0.11-1+deb12u1 (bookworm) | 2023
CVE-2023-27102 [MEDIUM] libde265: Libde265 v1.0.11 was discovered to contain a segmentation violation via the function decoder_context::process_slice_segment_header at decctx.cc. Scope: local. bookworm: resolved (fixed in 1.0.11-1+deb12u1); bullseye: resolved (fixed in 1.0.11-0+deb11u2); forky: resolved (fixed in 1.0.12-1); sid: resolved (fixed in 1.0.12-1); trixie: resolved (fixed in 1.0.12-1)
CVE-2023-24756 | MEDIUM | CVSS 5.5 | fixed in libde265 1.0.11-1 (bookworm) | 2023
CVE-2023-24756 [MEDIUM] libde265: libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the ff_hevc_put_unweighted_pred_8_sse function at sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input file. Scope: local. bookworm: resolved (fixed in 1.0.11-1); bullseye: resolved (fixed in 1.0.11-0+deb11u1); forky: resolved (fixed in 1.0.1
CVE-2023-24754 | MEDIUM | CVSS 5.5 | fixed in libde265 1.0.11-1 (bookworm) | 2023
CVE-2023-24754 [MEDIUM] libde265: libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the ff_hevc_put_weighted_pred_avg_8_sse function at sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input file. Scope: local. bookworm: resolved (fixed in 1.0.11-1); bullseye: resolved (fixed in 1.0.11-0+deb11u1); forky: resolved (fixed in 1.0
CVE-2023-24757 | MEDIUM | CVSS 5.5 | fixed in libde265 1.0.11-1 (bookworm) | 2023
CVE-2023-24757 [MEDIUM] libde265: libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the put_unweighted_pred_16_fallback function at fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input file. Scope: local. bookworm: resolved (fixed in 1.0.11-1); bullseye: resolved (fixed in 1.0.11-0+deb11u1); forky: resolved (fixed in 1.
CVE-2023-24752 | MEDIUM | CVSS 5.5 | fixed in libde265 1.0.11-1 (bookworm) | 2023
CVE-2023-24752 [MEDIUM] libde265: libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the ff_hevc_put_hevc_epel_pixels_8_sse function at sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input file. Scope: local. bookworm: resolved (fixed in 1.0.11-1); bullseye: resolved (fixed in 1.0.11-0+deb11u1); forky: resolved (fixed in 1.0.
CVE-2023-24758 | MEDIUM | CVSS 5.5 | fixed in libde265 1.0.11-1 (bookworm) | 2023
CVE-2023-24758 [MEDIUM] libde265: libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the ff_hevc_put_weighted_pred_avg_8_sse function at sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input file. Scope: local. bookworm: resolved (fixed in 1.0.11-1); bullseye: resolved (fixed in 1.0.11-0+deb11u1); forky: resolved (fixed in 1.0