libde265 is an open source implementation of the h.265 video codec. libde265 version 1.0.4 contains a heap buffer overflow vulnerability in the put_qpel_0_0_fallback_16 function. An attacker can exploit the vulnerability to cause a denial of service via specially crafted files.