libde265.so is vulnerable to Buffer Overflow. The vulnerability is caused by the read_coding_unit
function in slice.cc
due to a lack of sanitization of the value obtained from intraPredMode.get(x, y)
. It directly casts the result to an enum IntraPredMode
without checking its validity. This potentially can leads to buffer overflow and Denial of Service.