CVE-2023-27103

Name
CVE-2023-27103
Description
Libde265 v1.0.11 was discovered to contain a heap buffer overflow via the function derive_collocated_motion_vectors at motion.cc.
NVD Severity
high
Other trackers
CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia
Mailing lists
oss-security, full-disclosure, bugtraq
Exploits
Exploit DB, Metasploit
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
MISC https://github.com/strukturag/libde265/issues/394

Match rules

CPE URI Source package Min version Max version
cpe:2.3:a:struktur:libde265:1.0.11:*:*:*:*:*:*:* libde265 == None == 1.0.11

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
libde265 edge-main 1.0.11-r1 Jakub Jirutka <jakub@jirutka.cz> fixed
libde265 3.17-main 1.0.11-r1 Jakub Jirutka <jakub@jirutka.cz> fixed
libde265 3.16-main 1.0.11-r1 Jakub Jirutka <jakub@jirutka.cz> fixed
libde265 3.15-main 1.0.11-r1 Jakub Jirutka <jakub@jirutka.cz> fixed
libde265 3.14-main 1.0.11-r1 Jakub Jirutka <jakub@jirutka.cz> fixed