Debian Libde265 vulnerabilities

CVE-2023-24755 [MEDIUM] CVE-2023-24755: libde265 - libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the put... libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the put_weighted_pred_8_fallback function at fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input file. Scope: local bookworm: resolved (fixed in 1.0.11-1) bullseye: resolved (fixed in 1.0.11-0+deb11u1) forky: resolved (fixed in 1.0.1

CVE-2023-51792 [LOW] CVE-2023-51792: libde265 - Buffer Overflow vulnerability in libde265 v1.0.12 allows a local attacker to cau... Buffer Overflow vulnerability in libde265 v1.0.12 allows a local attacker to cause a denial of service via the allocation size exceeding the maximum supported size of 0x10000000000. Scope: local bookworm: open bullseye: open forky: resolved (fixed in 1.0.13-1) sid: resolved (fixed in 1.0.13-1) trixie: resolved (fixed in 1.0.13-1)

CVE-2022-1253 [CRITICAL] CVE-2022-1253: libde265 - Heap-based Buffer Overflow in GitHub repository strukturag/libde265 prior to and... Heap-based Buffer Overflow in GitHub repository strukturag/libde265 prior to and including 1.0.8. The fix is established in commit 8e89fe0e175d2870c39486fdd09250b230ec10b8 but does not yet belong to an official release. Scope: local bookworm: resolved (fixed in 1.0.8-1.1) bullseye: resolved (fixed in 1.0.11-0+deb11u1) forky: resolved (fixed in 1.0.8-1.1) sid: res

CVE-2022-47664 [HIGH] CVE-2022-47664: libde265 - Libde265 1.0.9 is vulnerable to Buffer Overflow in ff_hevc_put_hevc_qpel_pixels_... Libde265 1.0.9 is vulnerable to Buffer Overflow in ff_hevc_put_hevc_qpel_pixels_8_sse Scope: local bookworm: resolved (fixed in 1.0.11-1) bullseye: resolved (fixed in 1.0.11-0+deb11u1) forky: resolved (fixed in 1.0.11-1) sid: resolved (fixed in 1.0.11-1) trixie: resolved (fixed in 1.0.11-1)

CVE-2022-47655 [HIGH] CVE-2022-47655: libde265 - Libde265 1.0.9 is vulnerable to Buffer Overflow in function void put_qpel_fallba... Libde265 1.0.9 is vulnerable to Buffer Overflow in function void put_qpel_fallback Scope: local bookworm: resolved (fixed in 1.0.9-1.1) bullseye: resolved (fixed in 1.0.11-0+deb11u1) forky: resolved (fixed in 1.0.9-1.1) sid: resolved (fixed in 1.0.9-1.1) trixie: resolved (fixed in 1.0.9-1.1)

CVE-2022-47665 [HIGH] CVE-2022-47665: libde265 - Libde265 1.0.9 has a heap buffer overflow vulnerability in de265_image::set_Slic... Libde265 1.0.9 has a heap buffer overflow vulnerability in de265_image::set_SliceAddrRS(int, int, int) Scope: local bookworm: resolved (fixed in 1.0.11-1) bullseye: resolved (fixed in 1.0.11-0+deb11u1) forky: resolved (fixed in 1.0.11-1) sid: resolved (fixed in 1.0.11-1) trixie: resolved (fixed in 1.0.11-1)

CVE-2022-43243 [MEDIUM] CVE-2022-43243: libde265 - Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability v... Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via ff_hevc_put_weighted_pred_avg_8_sse in sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file. Scope: local bookworm: resolved (fixed in 1.0.9-1.1) bullseye: resolved (fixed in 1.0.11-0+deb11u1) forky: resolved (fixed in 1.0.9

CVE-2022-43241 [MEDIUM] CVE-2022-43241: libde265 - Libde265 v1.0.8 was discovered to contain an unknown crash via ff_hevc_put_hevc_... Libde265 v1.0.8 was discovered to contain an unknown crash via ff_hevc_put_hevc_qpel_v_3_8_sse in sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file. Scope: local bookworm: resolved (fixed in 1.0.9-1.1) bullseye: resolved (fixed in 1.0.11-0+deb11u1) forky: resolved (fixed in 1.0.9-1.1) sid: resolved (fix

CVE-2022-43238 [MEDIUM] CVE-2022-43238: libde265 - Libde265 v1.0.8 was discovered to contain an unknown crash via ff_hevc_put_hevc_... Libde265 v1.0.8 was discovered to contain an unknown crash via ff_hevc_put_hevc_qpel_h_3_v_3_sse in sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file. Scope: local bookworm: resolved (fixed in 1.0.9-1.1) bullseye: resolved (fixed in 1.0.11-0+deb11u1) forky: resolved (fixed in 1.0.9-1.1) sid: resolved (f

CVE-2022-43242 [MEDIUM] CVE-2022-43242: libde265 - Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability v... Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via mc_luma in motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file. Scope: local bookworm: resolved (fixed in 1.0.9-1.1) bullseye: resolved (fixed in 1.0.11-0+deb11u1) forky: resolved (fixed in 1.0.9-1.1) sid: resolved (fixed in 1.

CVE-2022-43248 [MEDIUM] CVE-2022-43248: libde265 - Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability v... Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via put_weighted_pred_avg_16_fallback in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file. Scope: local bookworm: resolved (fixed in 1.0.9-1.1) bullseye: resolved (fixed in 1.0.11-0+deb11u1) forky: resolved (fixed in 1.

CVE-2022-43235 [MEDIUM] CVE-2022-43235: libde265 - Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability v... Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via ff_hevc_put_hevc_epel_pixels_8_sse in sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file. Scope: local bookworm: resolved (fixed in 1.0.9-1.1) bullseye: resolved (fixed in 1.0.11-0+deb11u1) forky: resolved (fixed in 1.0.9-

CVE-2022-43245 [MEDIUM] CVE-2022-43245: libde265 - Libde265 v1.0.8 was discovered to contain a segmentation violation via apply_sao... Libde265 v1.0.8 was discovered to contain a segmentation violation via apply_sao_internal in sao.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file. Scope: local bookworm: resolved (fixed in 1.0.11-1) bullseye: resolved (fixed in 1.0.11-0+deb11u1) forky: resolved (fixed in 1.0.11-1) sid: resolved (fixed in 1.0.11-1

CVE-2022-43249 [MEDIUM] CVE-2022-43249: libde265 - Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability v... Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via put_epel_hv_fallback in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file. Scope: local bookworm: resolved (fixed in 1.0.11-1) bullseye: resolved (fixed in 1.0.11-0+deb11u1) forky: resolved (fixed in 1.0.11-1) sid: r

CVE-2022-43239 [MEDIUM] CVE-2022-43239: libde265 - Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability v... Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via mc_chroma in motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file. Scope: local bookworm: resolved (fixed in 1.0.9-1.1) bullseye: resolved (fixed in 1.0.11-0+deb11u1) forky: resolved (fixed in 1.0.9-1.1) sid: resolved (fixed in

CVE-2022-43240 [MEDIUM] CVE-2022-43240: libde265 - Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability v... Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via ff_hevc_put_hevc_qpel_h_2_v_1_sse in sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file. Scope: local bookworm: resolved (fixed in 1.0.9-1.1) bullseye: resolved (fixed in 1.0.11-0+deb11u1) forky: resolved (fixed in 1.0.9-1

CVE-2022-43250 [MEDIUM] CVE-2022-43250: libde265 - Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability v... Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via put_qpel_0_0_fallback_16 in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file. Scope: local bookworm: resolved (fixed in 1.0.9-1.1) bullseye: resolved (fixed in 1.0.11-0+deb11u1) forky: resolved (fixed in 1.0.9-1.1)

CVE-2022-43237 [MEDIUM] CVE-2022-43237: libde265 - Libde265 v1.0.8 was discovered to contain a stack-buffer-overflow vulnerability ... Libde265 v1.0.8 was discovered to contain a stack-buffer-overflow vulnerability via void put_epel_hv_fallback in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file. Scope: local bookworm: resolved (fixed in 1.0.9-1.1) bullseye: resolved (fixed in 1.0.11-0+deb11u1) forky: resolved (fixed in 1.0.9-1.1

CVE-2022-43252 [MEDIUM] CVE-2022-43252: libde265 - Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability v... Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via put_epel_16_fallback in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file. Scope: local bookworm: resolved (fixed in 1.0.9-1.1) bullseye: resolved (fixed in 1.0.11-0+deb11u1) forky: resolved (fixed in 1.0.9-1.1) sid:

CVE-2022-43253 [MEDIUM] CVE-2022-43253: libde265 - Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability v... Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via put_unweighted_pred_16_fallback in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file. Scope: local bookworm: resolved (fixed in 1.0.9-1.1) bullseye: resolved (fixed in 1.0.11-0+deb11u1) forky: resolved (fixed in 1.0.