SB2024022838 - Ubuntu update for libde265

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2024022838

SB2024022838 - Ubuntu update for libde265

Published: February 28, 2024

Security Bulletin ID SB2024022838
Severity
High
Patch available
YES
Number of vulnerabilities 13
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

High 15% Low 85%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 13 secuirty vulnerabilities.


1) Heap-based buffer overflow (CVE-ID: CVE-2022-43244)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error within the put_qpel_fallback() function in fallback-motion.cc. A remote attacker can pass specially crafted file to the application, trigger a heap-based buffer overflow and perform a denial of service attack.


2) Heap-based buffer overflow (CVE-ID: CVE-2022-43249)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error within the put_epel_hv_fallback() function in fallback-motion.cc. A remote attacker can pass specially crafted file to the application, trigger a heap-based buffer overflow and perform a denial of service attack.

3) Heap-based buffer overflow (CVE-ID: CVE-2022-43250)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error within the put_qpel_0_0_fallback_16() function in fallback-motion.cc. A remote attacker can pass specially crafted file to the application, trigger a heap-based buffer overflow and perform a denial of service attack.

4) Heap-based buffer overflow (CVE-ID: CVE-2022-47665)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the de265_image::set_SliceAddrRS() function. A remote attacker can pass specially crafted file to the application, trigger a heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


5) Heap-based buffer overflow (CVE-ID: CVE-2023-25221)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the derive_spatial_luma_vector_prediction() function in motion.cc. A remote attacker can pass specially crafted file to the application, trigger a heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


6) Input validation error (CVE-ID: CVE-2022-43245)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input within the apply_sao_internal() function in sao.cc. A remote attacker can pass specially crafted file to the application and perform a denial of service (DoS) attack.


7) NULL pointer dereference (CVE-ID: CVE-2023-24751)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error within the mc_chroma() function at motion.cc. A remote attacker can pass a specially crafted file to the application and crash it.


8) NULL pointer dereference (CVE-ID: CVE-2023-24752)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error within the ff_hevc_put_hevc_epel_pixels_8_sse() function at sse-motion.cc. A remote attacker can trigger denial of service conditions via a crafted video file.


9) NULL pointer dereference (CVE-ID: CVE-2023-24754)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error within the ff_hevc_put_weighted_pred_avg_8_sse() function at sse-motion.cc. A remote attacker can trigger denial of service conditions via a crafted video file.


10) NULL pointer dereference (CVE-ID: CVE-2023-24755)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error within the put_weighted_pred_8_fallback() function at fallback-motion.cc. A remote attacker can trigger denial of service conditions via a crafted video file.


11) NULL pointer dereference (CVE-ID: CVE-2023-24756)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error within the ff_hevc_put_unweighted_pred_8_sse() function in sse-motion.cc. A remote attacker can trigger denial of service conditions via a crafted video file.


12) NULL pointer dereference (CVE-ID: CVE-2023-24757)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error within the put_unweighted_pred_16_fallback() function in fallback-motion.cc. A remote attacker can trigger denial of service conditions via a crafted video file.


13) NULL pointer dereference (CVE-ID: CVE-2023-24758)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error within the ff_hevc_put_weighted_pred_avg_8_sse() function in sse-motion.cc. A remote attacker can trigger denial of service conditions via a crafted video file.


Remediation

Install update from vendor's website.

References