PT-2024-28287 · Libde265+2 · Libde265+2

Zhangteng0526

Published

2024-06-26

Updated

2025-09-26

CVE-2024-38949

CVSS v3.1

6.5

Medium

Vector

AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Libde265 version 1.0.15

Description A Heap Buffer Overflow issue allows attackers to crash the application by sending a crafted payload to the display444as420 function at sdl.cc.

Recommendations For Libde265 version 1.0.15, consider updating to a newer version that contains a fix for this issue, if available. As a temporary workaround, restrict access to the display444as420 function to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Heap Based Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-122

Related Identifiers

ALT-PU-2025-11901

CVE-2024-38949

ECHO-3723-3238-2A4C

Affected Products

Alt Linux

Debian

Libde265

PT-2024-28287 · Libde265+2 · Libde265+2

CVE-2024-38949

Weakness Enumeration

Related Identifiers

Affected Products

References · 9