Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2023.0402
libde265 security update
25 January 2023
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: libde265
Publisher: Debian
Operating System: Debian GNU/Linux
Resolution: Patch/Upgrade
CVE Names: CVE-2022-47655 CVE-2022-43253 CVE-2022-43252
CVE-2022-43250 CVE-2022-43249 CVE-2022-43248
CVE-2022-43245 CVE-2022-43244 CVE-2022-43243
CVE-2022-43242 CVE-2022-43241 CVE-2022-43240
CVE-2022-43239 CVE-2022-43238 CVE-2022-43237
CVE-2022-43236 CVE-2022-43235 CVE-2020-21598
CVE-2020-21597 CVE-2020-21596
Original Bulletin:
https://lists.debian.org/debian-lts-announce/2023/01/msg00020.html
Comment: CVSS (Max): 8.8 CVE-2020-21598 (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
CVSS Source: NVD
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
- --------------------------BEGIN INCLUDED TEXT--------------------
- -------------------------------------------------------------------------
Debian LTS Advisory DLA-3280-1 debian-lts@lists.debian.org
https://www.debian.org/lts/security/ Tobias Frost
January 24, 2023 https://wiki.debian.org/LTS
- -------------------------------------------------------------------------
Package : libde265
Version : 1.0.3-1+deb10u2
CVE ID : CVE-2020-21596 CVE-2020-21597 CVE-2020-21598 CVE-2022-43235
CVE-2022-43236 CVE-2022-43237 CVE-2022-43238 CVE-2022-43239
CVE-2022-43240 CVE-2022-43241 CVE-2022-43242 CVE-2022-43243
CVE-2022-43244 CVE-2022-43245 CVE-2022-43248 CVE-2022-43249
CVE-2022-43250 CVE-2022-43252 CVE-2022-43253 CVE-2022-47655
Debian Bug : 1025816 1027179 1029357 1029397
Multiple issues were found in libde265, an open source implementation
of the H.265 video codec, which may result in denial of service or have
unspecified other impact.
CVE-2020-21596
libde265 v1.0.4 contains a global buffer overflow in the
decode_CABAC_bit function, which can be exploited via a crafted a
file.
CVE-2020-21597
libde265 v1.0.4 contains a heap buffer overflow in the mc_chroma
function, which can be exploited via a crafted a file.
CVE-2020-21598
libde265 v1.0.4 contains a heap buffer overflow in the
ff_hevc_put_unweighted_pred_8_sse function, which can be exploited
via a crafted a file.
CVE-2022-43235
Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow
vulnerability via ff_hevc_put_hevc_epel_pixels_8_sse in
sse-motion.cc. This vulnerability allows attackers to cause a Denial
of Service (DoS) via a crafted video file.
CVE-2022-43236
Libde265 v1.0.8 was discovered to contain a stack-buffer-overflow
vulnerability via put_qpel_fallback<unsigned short> in
fallback-motion.cc. This vulnerability allows attackers to cause a
Denial of Service (DoS) via a crafted video file.
CVE-2022-43237
Libde265 v1.0.8 was discovered to contain a stack-buffer-overflow
vulnerability via void put_epel_hv_fallback<unsigned short> in
fallback-motion.cc. This vulnerability allows attackers to cause a
Denial of Service (DoS) via a crafted video file.
CVE-2022-43238
Libde265 v1.0.8 was discovered to contain an unknown crash via
ff_hevc_put_hevc_qpel_h_3_v_3_sse in sse-motion.cc. This
vulnerability allows attackers to cause a Denial of Service (DoS)
via a crafted video file.
CVE-2022-43239
Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow
vulnerability via mc_chroma<unsigned short> in motion.cc. This
vulnerability allows attackers to cause a Denial of Service (DoS)
via a crafted video file.
CVE-2022-43240
Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow
vulnerability via ff_hevc_put_hevc_qpel_h_2_v_1_sse in
sse-motion.cc. This vulnerability allows attackers to cause a Denial
of Service (DoS) via a crafted video file.
CVE-2022-43241
Libde265 v1.0.8 was discovered to contain an unknown crash via
ff_hevc_put_hevc_qpel_v_3_8_sse in sse-motion.cc. This vulnerability
allows attackers to cause a Denial of Service (DoS) via a crafted
video file.
CVE-2022-43242
Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow
vulnerability via mc_luma<unsigned char> in motion.cc. This
vulnerability allows attackers to cause a Denial of Service (DoS)
via a crafted video file.
CVE-2022-43243
Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow
vulnerability via ff_hevc_put_weighted_pred_avg_8_sse in
sse-motion.cc. This vulnerability allows attackers to cause a Denial
of Service (DoS) via a crafted video file.
CVE-2022-43244
Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow
vulnerability via put_qpel_fallback<unsigned short> in
fallback-motion.cc. This vulnerability allows attackers to cause a
Denial of Service (DoS) via a crafted video file.
CVE-2022-43245
Libde265 v1.0.8 was discovered to contain a segmentation violation
via apply_sao_internal<unsigned short> in sao.cc. This vulnerability
allows attackers to cause a Denial of Service (DoS) via a crafted
video file.
CVE-2022-43248
Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow
vulnerability via put_weighted_pred_avg_16_fallback in
fallback-motion.cc. This vulnerability allows attackers to cause a
Denial of Service (DoS) via a crafted video file.
CVE-2022-43249
Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow
vulnerability via put_epel_hv_fallback<unsigned short> in
fallback-motion.cc. This vulnerability allows attackers to cause a
Denial of Service (DoS) via a crafted video file.
CVE-2022-43250
Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow
vulnerability via put_qpel_0_0_fallback_16 in fallback-motion.cc.
This vulnerability allows attackers to cause a Denial of Service
(DoS) via a crafted video file.
CVE-2022-43252
Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow
vulnerability via put_epel_16_fallback in fallback-motion.cc. This
vulnerability allows attackers to cause a Denial of Service (DoS)
via a crafted video file.
CVE-2022-43253
Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow
vulnerability via put_unweighted_pred_16_fallback in
fallback-motion.cc. This vulnerability allows attackers to cause a
Denial of Service (DoS) via a crafted video file.
CVE-2022-47655
Libde265 1.0.9 is vulnerable to Buffer Overflow in function void
put_qpel_fallback<unsigned short>
For Debian 10 buster, these problems have been fixed in version
1.0.3-1+deb10u2.
We recommend that you upgrade your libde265 packages.
For the detailed security status of libde265 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/libde265
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
- -----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEE/d0M/zhkJ3YwohhskWT6HRe9XTYFAmPQWb0ACgkQkWT6HRe9
XTYBHw/+JRS0wRTiJ6LqiCLBjPkN/KARisb0GMw5+kVh5bLmNx5Upz0VesZWlSKj
hZksjuVwV/MpoziQtj3xIvL2XdCX7ESe7uLno+GuGNiqF3/NUq3NgMIFp7hEggB3
9N2I6CjFIrJAZrA033mJwok1CESXzYmM+45ZWmg6ifGl1OGrEwvQJiFL/fSgyrAF
pYPunYgD0zQAFl02R3SwiCF9L/VKJtCqqSSJMPCB6plNnmb79+q70295mbw6pmNq
olz6R/xd9l4DCzIiQIdOEShfGSn54sFYRFShALLjousMAqxKAKimeKpst66Mq8gj
YEtbr+MrrlCJ6MwHplBYxcT/B7YSw7PuzL73jwvlSuVc5ThE3MHj1oD4BAdFe1uD
RZlzEpTTN1xE7/VssmPINYhPjVOMujrYBVjtbUyouEhUcRcNG3gS6uVFE+1Lcho8
2rUwtVZC6amVRRQgQeepYnXQnNLFJIfpGO0Rwqv4+lwp5GMgq/72XOx/p66VRkWY
EjuL41b10UCU0pr9mgS+E6vQX4yHSkyhX9ncEVySQ4K4EnYtFPpTHHEWEJDn1gR9
fVlBFPPVoKHzQ3AUacIbiCIPdR9ghU9fj/1CXU/pb/WQzMj3BfAhjjZnl+q/HxPR
ZTXGy/iCi9YrODVnGvFfyjPGPiCpAusMh/zkPVuF++U6foTtUnM=
=7W+l
- -----END PGP SIGNATURE-----
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: https://auscert.org.au/gpg-key/
iQIVAwUBY9CGeckNZI30y1K9AQgXAQ//eBnNAiuFEn3KE3gOhkqKoj6ZNcMDH6mR
m+h0W8eu3kDw5hes02EkJUTwgyWUkro/MQmZRhq72eZtPbYeIv5BfGzafa047B6M
1d60UOLN4eWcLHlcsRbPfCzj5lgbX4e8yahnsjzshVVu4o3tOND72tz8RkJiNN12
N1CLIYItGdyXP7+FeQPBnbMCabvKeV84OTtHGtNA2OfEdS6s5k1u54c+SMBQYDhl
zzuzf9Qfn4R+KGjGfHuuDv9Gls+mwVHsMP5o2D6/JGRXgzmxKjX6ASnFIz+Y9mBJ
S1vFx3EK6ND5pVYDvimrtL/Z9VUzv4vZHnPUBe7swrXHX7xwQujbye+pOjPBXvpr
olu4ReMwKKfWPm050AlMpl47mJcoKgB3v9ZCVy/VyAsTmAh5C+09VCtD/BUeJOlH
67YeFR+r+WcRk8lfyESn+0Y5Hi21aRG7zN0vvEE0jyOtqcWfr+bl6r3mBvMRwjk7
uBf6IU/waAbvRK4PwwPYPfbs8qjJRwzd7EnTZnesvlTVeoXWVXnQN3PthTbzBXA2
1pguN5kwEqCLLEwwVnUVFse2P74TxFAFGOXBe50V81yaxTsxsJd3mkkaPvKfbkYI
IvktIXhm8R8683HiF3zk5phb/0ZPtB0T+CFmx/go27aO1SvBrSo+SqGgxgPzHDq7
ODviAFVkXiA=
=x0p3
-----END PGP SIGNATURE-----