PT-2022-6511 · Libde265+5 · Libde265+5

Xidoo123

Published

2022-12-18

Updated

2025-03-07

CVE-2022-47665

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Libde265 version 1.0.9

Description The issue is related to a heap buffer overflow in the de265 image::set SliceAddrRS(int, int, int) function of the Libde265 video codec. This can potentially allow an attacker to impact the confidentiality, integrity, and availability of protected information.

Recommendations For Libde265 version 1.0.9, update to version 1.0.11 to fix the security issues. As a temporary workaround, consider disabling the de265 image::set SliceAddrRS(int, int, int) function until a patch is available.

Exploit

Fix

Memory Corruption

Heap Based Buffer Overflow

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787CWE-122CWE-120

Related Identifiers

ALT-PU-2023-1213

BDU:2023-01833

BDU:2023-01838

CVE-2022-47665

DLA-3352-1

DSA-5346-1

MGASA-2023-0093

USN-6659-1

Affected Products

Alt Linux

Astra Linux

Libde265

Linuxmint

Red Os

Ubuntu

PT-2022-6511 · Libde265+5 · Libde265+5

CVE-2022-47665

Weakness Enumeration

Related Identifiers

Affected Products

References · 44