libde265 v1.0.4 contains a heap buffer overflow in the putepelhv_fallback function, which can be exploited via a crafted a file.
{ "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro", "ubuntu_priority": "medium", "binaries": [ { "binary_version": "1.0.2-2ubuntu0.16.04.1~esm1", "binary_name": "libde265-0" }, { "binary_version": "1.0.2-2ubuntu0.16.04.1~esm1", "binary_name": "libde265-0-dbgsym" }, { "binary_version": "1.0.2-2ubuntu0.16.04.1~esm1", "binary_name": "libde265-dev" }, { "binary_version": "1.0.2-2ubuntu0.16.04.1~esm1", "binary_name": "libde265-examples" }, { "binary_version": "1.0.2-2ubuntu0.16.04.1~esm1", "binary_name": "libde265-examples-dbgsym" } ] }
{ "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro", "ubuntu_priority": "medium", "binaries": [ { "binary_version": "1.0.2-2ubuntu0.18.04.1~esm1", "binary_name": "libde265-0" }, { "binary_version": "1.0.2-2ubuntu0.18.04.1~esm1", "binary_name": "libde265-0-dbgsym" }, { "binary_version": "1.0.2-2ubuntu0.18.04.1~esm1", "binary_name": "libde265-dev" }, { "binary_version": "1.0.2-2ubuntu0.18.04.1~esm1", "binary_name": "libde265-examples" }, { "binary_version": "1.0.2-2ubuntu0.18.04.1~esm1", "binary_name": "libde265-examples-dbgsym" } ] }