Vulnerabilities > CVE-2021-36409 - Reachable Assertion vulnerability in multiple products
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
There is an Assertion `scaling_list_pred_matrix_id_delta==1' failed at sps.cc:925 in libde265 v1.0.8 when decoding file, which allows attackers to cause a Denial of Service (DoS) by running the application with a crafted file or possibly have unspecified other impact.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 | |
OS | 2 |
Common Weakness Enumeration (CWE)
References
- https://github.com/strukturag/libde265/issues/300
- https://github.com/strukturag/libde265/issues/300
- https://lists.debian.org/debian-lts-announce/2022/12/msg00027.html
- https://lists.debian.org/debian-lts-announce/2022/12/msg00027.html
- https://www.debian.org/security/2023/dsa-5346
- https://www.debian.org/security/2023/dsa-5346