Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 917764 (CVE-2023-43887)

Summary: <media-libs/libde265-1.0.15: buffer overflow
Product: Gentoo Security Reporter: Jarkko Suominen <bugzillas>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: IN_PROGRESS ---    
Severity: minor CC: media-video
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: https://github.com/strukturag/libde265/issues/418
See Also: https://bugs.gentoo.org/show_bug.cgi?id=905099
Whiteboard: A4 [glsa? cleanup]
Package list:
Runtime testing required: ---

Description Jarkko Suominen 2023-11-22 20:44:28 UTC 
https://www.cve.org/CVERecord?id=CVE-2023-43887
Libde265 v1.0.12 was discovered to contain multiple buffer overflows via the num_tile_columns and num_tile_row parameters in the function pic_parameter_set::dump.

https://github.com/strukturag/libde265/issues/418
There is a segmentation fault caused by a buffer over-read on pic_parameter_set::dump due to an incorrect value of num_tile_columns or num_tile_rows.

https://github.com/strukturag/libde265/commit/63b596c915977f038eafd7647d1db25488a8c133
Fixed in v1.0.13.
Latest version in upstream is v1.0.14, in the tree the latest is 1.0.11.
Comment 1 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2025-06-16 22:50:20 UTC 
commit f80c722f81bc42138bdc85f2f713ea3fa1e14dff
Author:     Christopher Fore <csfore@posteo.net>
AuthorDate: Sat Jan 20 11:16:02 2024 -0500
Commit:     Sam James <sam@gentoo.org>
CommitDate: Fri May 3 12:17:32 2024 +0100

    media-libs/libde265: add 1.0.15, security bump

    Bump libsdl dependency to libsdl2

    Bug: https://bugs.gentoo.org/905099
    Signed-off-by: Christopher Fore <csfore@posteo.net>
    Closes: https://github.com/gentoo/gentoo/pull/34683
    Signed-off-by: Sam James <sam@gentoo.org>