EPSS
Percentile
47.9%
libde265.so is vulnerable to denial of service (DoS). The vulnerability is due to the ff_hevc_put_hevc_qpel_v_3_8_sse function in sse-motion.cc, causing a crash via a crafted video file.
ff_hevc_put_hevc_qpel_v_3_8_sse
sse-motion.cc
github.com/strukturag/libde265/blob/v1.0.9/libde265/x86/sse-motion.cc#L3138
github.com/strukturag/libde265/issues/338
lists.debian.org/debian-lts-announce/2023/01/msg00020.html
www.debian.org/security/2023/dsa-5346