mirrors/meta-openembedded
1
0
Fork 0
mirror of https://github.com/openembedded/meta-openembedded.git synced 2026-06-13 17:39:57 +00:00
Code Issues Projects Releases Wiki Activity

libde265: patch CVE-2026-33165

Browse Source 
Backport the commit mentioned in the NVD

Details: https://nvd.nist.gov/vuln/detail/CVE-2026-33165

Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
This commit is contained in:
Ankur Tyagi
2026-04-06 00:49:03 +12:00
committed by Anuj Mittal
parent 28ee87c6b5
commit a3156b1afc
2 changed files with 46 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
meta-multimedia/recipes-multimedia/libde265/libde265/CVE-2026-33165.patch
+45
View File
@@ -0,0 +1,45 @@
From 9e8560a1b01bf066aaada3c19205170d93047766 Mon Sep 17 00:00:00 2001
From: Dirk Farin <dirk.farin@gmail.com>
Date: Sun, 15 Mar 2026 22:58:39 +0100
Subject: [PATCH] fix reallocation of metadata array when ctb size changes
(thanks to Ana K.)
(cherry picked from commit c7891e412106130b83f8e8ea8b7f907e9449b658)
CVE: CVE-2026-33165
Upstream-Status: Backport [https://github.com/strukturag/libde265/commit/c7891e412106130b83f8e8ea8b7f907e9449b658]
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
---
libde265/image.cc | 5 +++--
libde265/image.h | 2 +-
2 files changed, 4 insertions(+), 3 deletions(-)
diff --git a/libde265/image.cc b/libde265/image.cc
index fdc80fc2..1387f78d 100644
--- a/libde265/image.cc
+++ b/libde265/image.cc
@@ -455,8 +455,9 @@ de265_error de265_image::alloc_image(int w,int h, enum de265_chroma c,
// CTB info
- if (ctb_info.width_in_units != sps->PicWidthInCtbsY ||
- ctb_info.height_in_units != sps->PicHeightInCtbsY)
+ if (ctb_info.width_in_units != sps->PicWidthInCtbsY ||
+ ctb_info.height_in_units != sps->PicHeightInCtbsY ||
+ ctb_info.log2unitSize != sps->Log2CtbSizeY)
{
delete[] ctb_progress;
diff --git a/libde265/image.h b/libde265/image.h
index 3779580c..6fc34c71 100644
--- a/libde265/image.h
+++ b/libde265/image.h
@@ -149,7 +149,7 @@ template <class DataUnit> class MetaDataArray
// private:
DataUnit* data;
int data_size;
- int log2unitSize;
+ uint8_t log2unitSize;
int width_in_units;
int height_in_units;
};
meta-multimedia/recipes-multimedia/libde265/libde265_1.0.16.bb
+1
View File
@@ -10,6 +10,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=695b556799abb2435c97a113cdca512f"
SRC_URI = "git://github.com/strukturag/libde265.git;branch=master;protocol=https;tag=v${PV} \
file://CVE-2025-61147.patch \
file://CVE-2026-33165.patch \
"
SRCREV = "7ba65889d3d6d8a0d99b5360b028243ba843be3a"