2045113 – (CVE-2021-35452) CVE-2021-35452 libde265: Incorrect Access Control due to a SEGV in slice.cc

Bug 2045113 (CVE-2021-35452) - CVE-2021-35452 libde265: Incorrect Access Control due to a SEGV in slice.cc

Summary: CVE-2021-35452 libde265: Incorrect Access Control due to a SEGV in slice.cc

Keywords:
Status:	NEW
Alias:	CVE-2021-35452
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	Embargoed2045114
TreeView+	depends on / blocked

Reported:	2022-01-25 15:49 UTC by Marian Rehak
Modified:	2023-03-14 13:41 UTC (History)
CC List:	1 user (show)
Fixed In Version:
Doc Type:	No Doc Update
Doc Text:
Clone Of:
Environment:
Last Closed:

Attachments	(Terms of Use)

Description Marian Rehak 2022-01-25 15:49:31 UTC

An Incorrect Access Control vulnerability exists in libde265 v1.0.8 due to a SEGV in slice.cc.

Reference:

https://github.com/strukturag/libde265/issues/298

Comment 1 juneau 2022-01-25 16:21:37 UTC

Marking quay-io-3 affected/delegated. Affected code exists in image below, but use of affected code is undetermined.

| quay-io-3-flush-redis.txt:quay-io-3/quayio/flush-redis:latest/libde265-1.0.3-1 https://quay.io/app-sre/flush-redis:latest

Note You need to log in before you can comment on or make changes to this bug.