libde265 is an open source implementation of the h.265 video codec. libde265 version 1.0.4 contains a heap buffer overflow vulnerability in the mc_chroma function. An attacker can exploit the vulnerability to cause a denial of service via specially crafted files.