Bug#1027179: libde265: CVE-2022-43235 CVE-2022-43236 CVE-2022-43237 CVE-2022-43238 CVE-2022-43239 CVE-2022-43240 CVE-2022-43241 CVE-2022-43242 CVE-2022-43244 CVE-2022-43245 CVE-2022-43249 CVE-2022-43250 CVE-2022-43252

[Moritz Mühlenhoff <jmm@inutil.org>]

Source: libde265
X-Debbugs-CC: team@security.debian.org
Severity: important
Tags: security

Hi,

The following vulnerabilities were published for libde265.

CVE-2022-43235[0]:
| Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow
| vulnerability via ff_hevc_put_hevc_epel_pixels_8_sse in sse-motion.cc.
| This vulnerability allows attackers to cause a Denial of Service (DoS)
| via a crafted video file.

https://github.com/strukturag/libde265/issues/337

CVE-2022-43236[1]:
| Libde265 v1.0.8 was discovered to contain a stack-buffer-overflow
| vulnerability via put_qpel_fallback<unsigned short> in fallback-
| motion.cc. This vulnerability allows attackers to cause a Denial of
| Service (DoS) via a crafted video file.

https://github.com/strukturag/libde265/issues/343

CVE-2022-43237[2]:
| Libde265 v1.0.8 was discovered to contain a stack-buffer-overflow
| vulnerability via void put_epel_hv_fallback<unsigned short> in
| fallback-motion.cc. This vulnerability allows attackers to cause a
| Denial of Service (DoS) via a crafted video file.

https://github.com/strukturag/libde265/issues/344

CVE-2022-43238[3]:
| Libde265 v1.0.8 was discovered to contain an unknown crash via
| ff_hevc_put_hevc_qpel_h_3_v_3_sse in sse-motion.cc. This vulnerability
| allows attackers to cause a Denial of Service (DoS) via a crafted
| video file.

https://github.com/strukturag/libde265/issues/338

CVE-2022-43239[4]:
| Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow
| vulnerability via mc_chroma<unsigned short> in motion.cc. This
| vulnerability allows attackers to cause a Denial of Service (DoS) via
| a crafted video file.

https://github.com/strukturag/libde265/issues/341

CVE-2022-43240[5]:
| Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow
| vulnerability via ff_hevc_put_hevc_qpel_h_2_v_1_sse in sse-motion.cc.
| This vulnerability allows attackers to cause a Denial of Service (DoS)
| via a crafted video file.

https://github.com/strukturag/libde265/issues/335

CVE-2022-43241[6]:
| Libde265 v1.0.8 was discovered to contain an unknown crash via
| ff_hevc_put_hevc_qpel_v_3_8_sse in sse-motion.cc. This vulnerability
| allows attackers to cause a Denial of Service (DoS) via a crafted
| video file.

https://github.com/strukturag/libde265/issues/335

CVE-2022-43242[7]:
| Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow
| vulnerability via mc_luma<unsigned char> in motion.cc. This
| vulnerability allows attackers to cause a Denial of Service (DoS) via
| a crafted video file.

https://github.com/strukturag/libde265/issues/340

CVE-2022-43244[8]:
| Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow
| vulnerability via put_qpel_fallback<unsigned short> in fallback-
| motion.cc. This vulnerability allows attackers to cause a Denial of
| Service (DoS) via a crafted video file.

https://github.com/strukturag/libde265/issues/342

CVE-2022-43245[9]:
| Libde265 v1.0.8 was discovered to contain a segmentation violation via
| apply_sao_internal<unsigned short> in sao.cc. This vulnerability
| allows attackers to cause a Denial of Service (DoS) via a crafted
| video file.

https://github.com/strukturag/libde265/issues/352

CVE-2022-43249[10]:
| Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow
| vulnerability via put_epel_hv_fallback<unsigned short> in
| fallback-motion.cc. This vulnerability allows attackers to cause a
| Denial of Service (DoS) via a crafted video file.

https://github.com/strukturag/libde265/issues/345

CVE-2022-43250[11]:
| Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow
| vulnerability via put_qpel_0_0_fallback_16 in fallback-motion.cc. This
| vulnerability allows attackers to cause a Denial of Service (DoS) via
| a crafted video file.

https://github.com/strukturag/libde265/issues/346

CVE-2022-43252[12]:
| Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow
| vulnerability via put_epel_16_fallback in fallback-motion.cc. This
| vulnerability allows attackers to cause a Denial of Service (DoS) via
| a crafted video file.

https://github.com/strukturag/libde265/issues/347

If you fix the vulnerabilities please also make sure to include the
CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2022-43235
    https://www.cve.org/CVERecord?id=CVE-2022-43235
[1] https://security-tracker.debian.org/tracker/CVE-2022-43236
    https://www.cve.org/CVERecord?id=CVE-2022-43236
[2] https://security-tracker.debian.org/tracker/CVE-2022-43237
    https://www.cve.org/CVERecord?id=CVE-2022-43237
[3] https://security-tracker.debian.org/tracker/CVE-2022-43238
    https://www.cve.org/CVERecord?id=CVE-2022-43238
[4] https://security-tracker.debian.org/tracker/CVE-2022-43239
    https://www.cve.org/CVERecord?id=CVE-2022-43239
[5] https://security-tracker.debian.org/tracker/CVE-2022-43240
    https://www.cve.org/CVERecord?id=CVE-2022-43240
[6] https://security-tracker.debian.org/tracker/CVE-2022-43241
    https://www.cve.org/CVERecord?id=CVE-2022-43241
[7] https://security-tracker.debian.org/tracker/CVE-2022-43242
    https://www.cve.org/CVERecord?id=CVE-2022-43242
[8] https://security-tracker.debian.org/tracker/CVE-2022-43244
    https://www.cve.org/CVERecord?id=CVE-2022-43244
[9] https://security-tracker.debian.org/tracker/CVE-2022-43245
    https://www.cve.org/CVERecord?id=CVE-2022-43245
[10] https://security-tracker.debian.org/tracker/CVE-2022-43249
    https://www.cve.org/CVERecord?id=CVE-2022-43249
[11] https://security-tracker.debian.org/tracker/CVE-2022-43250
    https://www.cve.org/CVERecord?id=CVE-2022-43250
[12] https://security-tracker.debian.org/tracker/CVE-2022-43252
    https://www.cve.org/CVERecord?id=CVE-2022-43252

Please adjust the affected versions in the BTS as needed.