EPSS Percentile: 33.7%
libde265.so is vulnerable to buffer overflows. A local attacker is able to cause a stack-based buffer overflow via the put_qpel_fallback function in fallback-motion.cc.
github.com/strukturag/libde265/blob/v1.0.9/libde265/fallback-motion.cc#L482
github.com/strukturag/libde265/issues/367
lists.debian.org/debian-lts-announce/2023/01/msg00020.html
www.debian.org/security/2023/dsa-5346