strukturag libde265 Segmentation Fault Vulnerability in Frame Drop Table Computation

Vulnerability

A segmentation fault vulnerability has been identified in strukturag libde265, specifically in commit d9fea9d. The issue arises within the 'decoder_context::compute_framedrop_table()' function, leading to a buffer overflow.

Impact

Exploitation of this vulnerability causes a segmentation fault, indicating a buffer overflow condition.

Reproduction

The vulnerability can be reproduced by compiling libde265 with AddressSanitizer enabled, using Clang as the compiler. After building the application, the 'dec265' tool can be run with a command-line argument that triggers the vulnerability, such as an invalid value for the 'T' parameter. This causes the application to attempt to access memory incorrectly, resulting in a segmentation fault.
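The failure mode described above, an out-of-range command-line value reaching code that indexes fixed-size tables, is normally closed by checking the value both where it is parsed and where it is used. The following is an added example, not libde265's code or its fix; the function and struct names, the table layout, and the reading of 'T' as a temporal-layer limit (HEVC temporal IDs run 0..6) are assumptions made for illustration.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>

/* Assumption: the option is a temporal-layer limit that feeds table-building
 * code. HEVC temporal IDs run 0..6, so 7 slots. All names are hypothetical. */
#define MAX_TEMPORAL_LAYERS 7

struct drop_table {
    int tid_of_percent[101];                 /* layer decoded at 0..100 percent */
    int percent_of_tid[MAX_TEMPORAL_LAYERS]; /* top percentage of each layer */
};

/* Strict parse: 0 on success, -1 on empty, non-numeric, overflowing,
 * negative or too-large input. atoi() would silently return -1 for "-1". */
int parse_tid_limit(const char *arg, int *out)
{
    char *end = NULL;
    long v;
    if (arg == NULL || *arg == '\0') return -1;
    errno = 0;
    v = strtol(arg, &end, 10);
    if (errno != 0 || *end != '\0') return -1;        /* overflow or trailing junk */
    if (v < 0 || v >= MAX_TEMPORAL_LAYERS) return -1; /* outside 0..6 */
    *out = (int)v;
    return 0;
}

/* Fill the table; both layer values are range-checked before the first write. */
int build_drop_table(struct drop_table *t, int highest_tid, int limit_tid)
{
    if (highest_tid < 0 || highest_tid >= MAX_TEMPORAL_LAYERS) return -1;
    if (limit_tid < 0) return -1;          /* reject, never store a negative layer */
    if (limit_tid > highest_tid) limit_tid = highest_tid;
    for (int tid = highest_tid; tid >= 0; tid--) {
        int lower  = 100 * tid / (highest_tid + 1);
        int higher = 100 * (tid + 1) / (highest_tid + 1);
        int eff = tid > limit_tid ? limit_tid : tid;  /* layer actually decoded */
        for (int p = lower; p <= higher; p++) t->tid_of_percent[p] = eff;
        t->percent_of_tid[tid] = higher;
    }
    return 0;
}

int main(int argc, char **argv)
{
    struct drop_table t;
    int limit;
    if (argc != 2 || parse_tid_limit(argv[1], &limit) != 0) return 2;
    return build_drop_table(&t, MAX_TEMPORAL_LAYERS - 1, limit) == 0 ? 0 : 1;
}
```
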

Remediation

Users are advised to update to the latest version of libde265, where this vulnerability has been addressed.

Added: Feb 23, 2026, 8:34 PM
Updated: Feb 23, 2026, 9:34 PM

Vulnerability Rating

Custom Algorithm

spread: 4.2
impact: 2.5
exploitability: 4.6
remediation: 0.0
relevance: 3.1
threat: 6.4
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.