CVE-2026-33165

Name
CVE-2026-33165
Description
libde265 is an open source implementation of the h.265 video codec. Prior to version 1.0.17, a crafted HEVC bitstream causes an out-of-bounds heap write confirmed by AddressSanitizer. The trigger is a stale ctb_info.log2unitSize after an SPS change where PicWidthInCtbsY and PicHeightInCtbsY stay constant but Log2CtbSizeY changes, causing set_SliceHeaderIndex to index past the allocated image metadata array and write 2 bytes past the end of a heap allocation. This issue has been patched in version 1.0.17.
NVD Severity
unknown

References

Type URI
security-advisories@github.com https://github.com/strukturag/libde265/commit/c7891e412106130b83f8e8ea8b7f907e9449b658
security-advisories@github.com https://github.com/strukturag/libde265/releases/tag/v1.0.17
security-advisories@github.com https://github.com/strukturag/libde265/security/advisories/GHSA-653q-9f73-8hvg

Match rules

CPE URI Source package Min version Max version
cpe:2.3:a:struktur:libde265:*:*:*:*:*:*:*:* libde265 >= None < 1.0.17

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
libde265 edge-main 1.0.16-r0 Jakub Jirutka <jakub@jirutka.cz> possibly vulnerable
libde265 edge-main 1.0.15-r1 Jakub Jirutka <jakub@jirutka.cz> possibly vulnerable
libde265 edge-main 1.0.15-r0 Jakub Jirutka <jakub@jirutka.cz> possibly vulnerable
libde265 edge-main 1.0.11-r2 Jakub Jirutka <jakub@jirutka.cz> possibly vulnerable
libde265 edge-main 1.0.11-r1 Jakub Jirutka <jakub@jirutka.cz> possibly vulnerable
libde265 edge-main 1.0.11-r0 Jakub Jirutka <jakub@jirutka.cz> possibly vulnerable
libde265 edge-main 1.0.8-r2 Jakub Jirutka <jakub@jirutka.cz> possibly vulnerable
libde265 3.23-main 1.0.16-r0 Jakub Jirutka <jakub@jirutka.cz> possibly vulnerable
libde265 3.22-main 1.0.15-r1 Jakub Jirutka <jakub@jirutka.cz> possibly vulnerable
libde265 3.22-main 1.0.15-r0 None possibly vulnerable
libde265 3.22-main 1.0.11-r1 None possibly vulnerable
libde265 3.22-main 1.0.11-r0 None possibly vulnerable
libde265 3.22-main 1.0.8-r2 None possibly vulnerable
libde265 3.21-main 1.0.15-r0 Jakub Jirutka <jakub@jirutka.cz> possibly vulnerable
libde265 3.21-main 1.0.11-r1 None possibly vulnerable
libde265 3.21-main 1.0.11-r0 None possibly vulnerable
libde265 3.21-main 1.0.8-r2 None possibly vulnerable
libde265 3.20-main 1.0.15-r0 Jakub Jirutka <jakub@jirutka.cz> possibly vulnerable
libde265 3.20-main 1.0.11-r1 None possibly vulnerable
libde265 3.20-main 1.0.11-r0 None possibly vulnerable
libde265 3.20-main 1.0.8-r2 None possibly vulnerable
libde265 3.19-main 1.0.15-r0 Jakub Jirutka <jakub@jirutka.cz> possibly vulnerable
libde265 3.19-main 1.0.11-r1 None possibly vulnerable
libde265 3.19-main 1.0.11-r0 None possibly vulnerable
libde265 3.19-main 1.0.8-r2 None possibly vulnerable