
Bug#1014999: libde265: CVE-2020-21594 CVE-2020-21595 CVE-2020-21596 CVE-2020-21597 CVE-2020-21599 CVE-2020-21601 CVE-2020-21603 CVE-2020-21604 CVE-2020-21605 CVE-2020-21606



Retesting to see if my patches have any effects on this.

"Cannot reproduce" means I cannot reproduce without my patches applied.

TL;DR: Can reproduce CVE-2020-21596, CVE-2020-21601.

--
tobi

On Sat, 16 Jul 2022 00:32:59 +0200 Moritz Mühlenhoff <jmm@inutil.org> wrote:
> Source: libde265
> X-Debbugs-CC: team@security.debian.org
> Severity: important
> Tags: security
> 
> Hi,
> 
> The following vulnerabilities were published for libde265.
> 
> CVE-2020-21594[0]:
> | libde265 v1.0.4 contains a heap buffer overflow in the
> | put_epel_hv_fallback function, which can be exploited via a crafted a
> | file.
> 
> https://github.com/strukturag/libde265/issues/233

Cannot reproduce with the poc in the upstream issue. 


> CVE-2020-21595[1]:
> | libde265 v1.0.4 contains a heap buffer overflow in the mc_luma
> | function, which can be exploited via a crafted a file.
> 
> https://github.com/strukturag/libde265/issues/239

Cannot reproduce with the poc in the upstream issue.


> CVE-2020-21596[2]:
> | libde265 v1.0.4 contains a global buffer overflow in the
> | decode_CABAC_bit function, which can be exploited via a crafted a
> | file.
> 
> https://github.com/strukturag/libde265/issues/236

CAN STILL REPRODUCE with the poc in the upstream issue.



> 
> CVE-2020-21597[3]:
> | libde265 v1.0.4 contains a heap buffer overflow in the mc_chroma
> | function, which can be exploited via a crafted a file.
>
> https://github.com/strukturag/libde265/issues/238

Cannot reproduce with the poc in the upstream issue.



> CVE-2020-21599[4]:
> | libde265 v1.0.4 contains a heap buffer overflow in the
> | de265_image::available_zscan function, which can be exploited via a
> | crafted a file.
> 
> https://github.com/strukturag/libde265/issues/235

Cannot reproduce with the poc in the upstream issue.


 
> CVE-2020-21601[5]:
> | libde265 v1.0.4 contains a stack buffer overflow in the
> | put_qpel_fallback function, which can be exploited via a crafted a
> | file.
> 
> https://github.com/strukturag/libde265/issues/241

CAN REPRODUCE, one of the two pocs still triggers.


> 
> CVE-2020-21603[6]:
> | libde265 v1.0.4 contains a heap buffer overflow in the
> | put_qpel_0_0_fallback_16 function, which can be exploited via a
> | crafted a file.
> 
> https://github.com/strukturag/libde265/issues/240

Cannot reproduce with the poc in the upstream issue.

> 
> CVE-2020-21604[7]:
> | libde265 v1.0.4 contains a heap buffer overflow fault in the
> | _mm_loadl_epi64 function, which can be exploited via a crafted a file.
> 
> https://github.com/strukturag/libde265/issues/231

Cannot reproduce with the poc in the upstream issue.



> CVE-2020-21605[8]:
> | libde265 v1.0.4 contains a segmentation fault in the
> | apply_sao_internal function, which can be exploited via a crafted a
> | file.
> 
> https://github.com/strukturag/libde265/issues/234
> 

Cannot reproduce with the poc in the upstream issue.


> CVE-2020-21606[9]:
> | libde265 v1.0.4 contains a heap buffer overflow fault in the
> | put_epel_16_fallback function, which can be exploited via a crafted a
> | file.
> 
> https://github.com/strukturag/libde265/issues/232

Cannot reproduce with the poc in the upstream issue.


--
tobi

