Skip to main content

CVE-2022-43236: n/a in n/a

Medium
VulnerabilityCVE-2022-43236cvecve-2022-43236
Published: Wed Nov 02 2022 (11/02/2022, 00:00:00 UTC)
Source: CVE
Vendor/Project: n/a
Product: n/a

Description

Libde265 v1.0.8 was discovered to contain a stack-buffer-overflow vulnerability via put_qpel_fallback<unsigned short> in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file.

AI-Powered Analysis

AILast updated: 06/26/2025, 04:26:53 UTC

Technical Analysis

CVE-2022-43236 is a stack-buffer-overflow vulnerability identified in libde265 version 1.0.8, specifically within the function put_qpel_fallback<unsigned short> in the fallback-motion.cc source file. Libde265 is an open-source H.265/HEVC video decoder library used to decode video streams encoded in the HEVC format. The vulnerability arises due to improper handling of crafted video data, which leads to a stack-based buffer overflow. An attacker can exploit this flaw by delivering a maliciously crafted video file that triggers the overflow during the decoding process. This results in a Denial of Service (DoS) condition, causing the application or service using libde265 to crash or become unresponsive. The vulnerability does not affect confidentiality or integrity directly but impacts availability. The CVSS v3.1 base score is 6.5 (medium severity), with the vector indicating network attack vector (AV:N), low attack complexity (AC:L), no privileges required (PR:N), user interaction required (UI:R), unchanged scope (S:U), no impact on confidentiality or integrity (C:N/I:N), and high impact on availability (A:H). No known exploits are currently reported in the wild, and no patches or vendor-specific products are explicitly mentioned. The vulnerability affects libde265 version 1.0.8, which is commonly integrated into multimedia applications, media players, and streaming platforms that support HEVC video decoding.

Potential Impact

For European organizations, the primary impact of CVE-2022-43236 is service disruption due to application crashes when processing malicious HEVC video files. Organizations relying on software or services that incorporate libde265 for video decoding—such as media companies, broadcasters, streaming service providers, and any enterprise using video conferencing or video processing tools—may experience denial of service conditions. This can lead to operational downtime, degraded user experience, and potential loss of revenue or reputation. While the vulnerability does not allow data theft or code execution, the DoS can be leveraged in targeted attacks to disrupt critical media infrastructure or communication channels. Given the increasing use of HEVC video in content delivery and conferencing, the risk is non-negligible. Additionally, if libde265 is embedded in security-sensitive environments (e.g., video surveillance systems), the DoS could impair monitoring capabilities. The requirement for user interaction (opening or processing a crafted video file) limits the attack vector primarily to scenarios where users receive or access untrusted video content.

Mitigation Recommendations

Organizations should identify all software and systems using libde265 version 1.0.8 and assess their exposure. Since no official patch links are provided, it is recommended to: 1) Upgrade libde265 to a version where this vulnerability is fixed, if available, or apply vendor patches if using third-party products embedding libde265. 2) Implement strict validation and sanitization of video files before processing, including sandboxing video decoding operations to contain potential crashes. 3) Employ application-level controls to restrict or monitor the opening of untrusted or unsolicited video files, especially from external sources. 4) Use network-level protections such as email and web gateways to filter potentially malicious video attachments or downloads. 5) Monitor application logs and system stability for signs of crashes related to video decoding. 6) Engage with software vendors to confirm patch availability and timelines. 7) Consider deploying runtime protection tools that can detect and mitigate buffer overflow attempts during video decoding. These steps go beyond generic advice by focusing on the specific context of video file handling and the integration of libde265 in enterprise environments.

Need more detailed analysis?Get Pro

Technical Details

Data Version
5.1
Assigner Short Name
mitre
Date Reserved
2022-10-17T00:00:00.000Z
Cisa Enriched
true
Cvss Version
3.1
State
PUBLISHED

Threat ID: 682d9837c4522896dcbeb894

Added to database: 5/21/2025, 9:09:11 AM

Last enriched: 6/26/2025, 4:26:53 AM

Last updated: 7/30/2025, 5:20:29 PM

Views: 7

Actions

PRO

Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.

Please log in to the Console to use AI analysis features.

Need enhanced features?

Contact root@offseq.com for Pro access with improved analysis and higher rate limits.

Latest Threats