Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2023.0402 libde265 security update 25 January 2023 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: libde265 Publisher: Debian Operating System: Debian GNU/Linux Resolution: Patch/Upgrade CVE Names: CVE-2022-47655 CVE-2022-43253 CVE-2022-43252 CVE-2022-43250 CVE-2022-43249 CVE-2022-43248 CVE-2022-43245 CVE-2022-43244 CVE-2022-43243 CVE-2022-43242 CVE-2022-43241 CVE-2022-43240 CVE-2022-43239 CVE-2022-43238 CVE-2022-43237 CVE-2022-43236 CVE-2022-43235 CVE-2020-21598 CVE-2020-21597 CVE-2020-21596 Original Bulletin: https://lists.debian.org/debian-lts-announce/2023/01/msg00020.html Comment: CVSS (Max): 8.8 CVE-2020-21598 (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) CVSS Source: NVD Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H - --------------------------BEGIN INCLUDED TEXT-------------------- - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3280-1 debian-lts@lists.debian.org https://www.debian.org/lts/security/ Tobias Frost January 24, 2023 https://wiki.debian.org/LTS - ------------------------------------------------------------------------- Package : libde265 Version : 1.0.3-1+deb10u2 CVE ID : CVE-2020-21596 CVE-2020-21597 CVE-2020-21598 CVE-2022-43235 CVE-2022-43236 CVE-2022-43237 CVE-2022-43238 CVE-2022-43239 CVE-2022-43240 CVE-2022-43241 CVE-2022-43242 CVE-2022-43243 CVE-2022-43244 CVE-2022-43245 CVE-2022-43248 CVE-2022-43249 CVE-2022-43250 CVE-2022-43252 CVE-2022-43253 CVE-2022-47655 Debian Bug : 1025816 1027179 1029357 1029397 Multiple issues were found in libde265, an open source implementation of the H.265 video codec, which may result in denial of service or have unspecified other impact. CVE-2020-21596 libde265 v1.0.4 contains a global buffer overflow in the decode_CABAC_bit function, which can be exploited via a crafted a file. CVE-2020-21597 libde265 v1.0.4 contains a heap buffer overflow in the mc_chroma function, which can be exploited via a crafted a file. CVE-2020-21598 libde265 v1.0.4 contains a heap buffer overflow in the ff_hevc_put_unweighted_pred_8_sse function, which can be exploited via a crafted a file. CVE-2022-43235 Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via ff_hevc_put_hevc_epel_pixels_8_sse in sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file. CVE-2022-43236 Libde265 v1.0.8 was discovered to contain a stack-buffer-overflow vulnerability via put_qpel_fallback<unsigned short> in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file. CVE-2022-43237 Libde265 v1.0.8 was discovered to contain a stack-buffer-overflow vulnerability via void put_epel_hv_fallback<unsigned short> in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file. CVE-2022-43238 Libde265 v1.0.8 was discovered to contain an unknown crash via ff_hevc_put_hevc_qpel_h_3_v_3_sse in sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file. CVE-2022-43239 Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via mc_chroma<unsigned short> in motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file. CVE-2022-43240 Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via ff_hevc_put_hevc_qpel_h_2_v_1_sse in sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file. CVE-2022-43241 Libde265 v1.0.8 was discovered to contain an unknown crash via ff_hevc_put_hevc_qpel_v_3_8_sse in sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file. CVE-2022-43242 Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via mc_luma<unsigned char> in motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file. CVE-2022-43243 Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via ff_hevc_put_weighted_pred_avg_8_sse in sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file. CVE-2022-43244 Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via put_qpel_fallback<unsigned short> in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file. CVE-2022-43245 Libde265 v1.0.8 was discovered to contain a segmentation violation via apply_sao_internal<unsigned short> in sao.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file. CVE-2022-43248 Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via put_weighted_pred_avg_16_fallback in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file. CVE-2022-43249 Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via put_epel_hv_fallback<unsigned short> in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file. CVE-2022-43250 Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via put_qpel_0_0_fallback_16 in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file. CVE-2022-43252 Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via put_epel_16_fallback in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file. CVE-2022-43253 Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via put_unweighted_pred_16_fallback in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file. CVE-2022-47655 Libde265 1.0.9 is vulnerable to Buffer Overflow in function void put_qpel_fallback<unsigned short> For Debian 10 buster, these problems have been fixed in version 1.0.3-1+deb10u2. We recommend that you upgrade your libde265 packages. For the detailed security status of libde265 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/libde265 Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS - -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEE/d0M/zhkJ3YwohhskWT6HRe9XTYFAmPQWb0ACgkQkWT6HRe9 XTYBHw/+JRS0wRTiJ6LqiCLBjPkN/KARisb0GMw5+kVh5bLmNx5Upz0VesZWlSKj hZksjuVwV/MpoziQtj3xIvL2XdCX7ESe7uLno+GuGNiqF3/NUq3NgMIFp7hEggB3 9N2I6CjFIrJAZrA033mJwok1CESXzYmM+45ZWmg6ifGl1OGrEwvQJiFL/fSgyrAF pYPunYgD0zQAFl02R3SwiCF9L/VKJtCqqSSJMPCB6plNnmb79+q70295mbw6pmNq olz6R/xd9l4DCzIiQIdOEShfGSn54sFYRFShALLjousMAqxKAKimeKpst66Mq8gj YEtbr+MrrlCJ6MwHplBYxcT/B7YSw7PuzL73jwvlSuVc5ThE3MHj1oD4BAdFe1uD RZlzEpTTN1xE7/VssmPINYhPjVOMujrYBVjtbUyouEhUcRcNG3gS6uVFE+1Lcho8 2rUwtVZC6amVRRQgQeepYnXQnNLFJIfpGO0Rwqv4+lwp5GMgq/72XOx/p66VRkWY EjuL41b10UCU0pr9mgS+E6vQX4yHSkyhX9ncEVySQ4K4EnYtFPpTHHEWEJDn1gR9 fVlBFPPVoKHzQ3AUacIbiCIPdR9ghU9fj/1CXU/pb/WQzMj3BfAhjjZnl+q/HxPR ZTXGy/iCi9YrODVnGvFfyjPGPiCpAusMh/zkPVuF++U6foTtUnM= =7W+l - -----END PGP SIGNATURE----- - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: https://auscert.org.au/gpg-key/ iQIVAwUBY9CGeckNZI30y1K9AQgXAQ//eBnNAiuFEn3KE3gOhkqKoj6ZNcMDH6mR m+h0W8eu3kDw5hes02EkJUTwgyWUkro/MQmZRhq72eZtPbYeIv5BfGzafa047B6M 1d60UOLN4eWcLHlcsRbPfCzj5lgbX4e8yahnsjzshVVu4o3tOND72tz8RkJiNN12 N1CLIYItGdyXP7+FeQPBnbMCabvKeV84OTtHGtNA2OfEdS6s5k1u54c+SMBQYDhl zzuzf9Qfn4R+KGjGfHuuDv9Gls+mwVHsMP5o2D6/JGRXgzmxKjX6ASnFIz+Y9mBJ S1vFx3EK6ND5pVYDvimrtL/Z9VUzv4vZHnPUBe7swrXHX7xwQujbye+pOjPBXvpr olu4ReMwKKfWPm050AlMpl47mJcoKgB3v9ZCVy/VyAsTmAh5C+09VCtD/BUeJOlH 67YeFR+r+WcRk8lfyESn+0Y5Hi21aRG7zN0vvEE0jyOtqcWfr+bl6r3mBvMRwjk7 uBf6IU/waAbvRK4PwwPYPfbs8qjJRwzd7EnTZnesvlTVeoXWVXnQN3PthTbzBXA2 1pguN5kwEqCLLEwwVnUVFse2P74TxFAFGOXBe50V81yaxTsxsJd3mkkaPvKfbkYI IvktIXhm8R8683HiF3zk5phb/0ZPtB0T+CFmx/go27aO1SvBrSo+SqGgxgPzHDq7 ODviAFVkXiA= =x0p3 -----END PGP SIGNATURE-----