CVE-2017-13666
MEDIUMx265 - Integer Underflow in pixel-a.asm planeClipAndMax Function
Title source: llmDescription
An integer underflow vulnerability exists in pixel-a.asm, the x86 assembly code for planeClipAndMax() in MulticoreWare x265 through 2.5, as used in libbpg and other products. A small height value can cause an integer underflow, which leads to a crash. This is a different vulnerability than CVE-2017-8906.
References (1)
Core 1
Core References
Exploit, Third Party Advisory x_refsource_misc
https://bitbucket.org/multicoreware/x265/issues/364/integer-overflow-and-affect-top-level
Scores
CVSS v3
5.5
EPSS
0.0038
EPSS Percentile
29.8%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-191
Status
published
Products (26)
multicorewareinc/x265
0.1
multicorewareinc/x265
0.2
multicorewareinc/x265
0.3
multicorewareinc/x265
0.4
multicorewareinc/x265
0.4.1
multicorewareinc/x265
0.5
multicorewareinc/x265
0.6
multicorewareinc/x265
0.7
multicorewareinc/x265
0.8
multicorewareinc/x265
0.9
... and 16 more
Published
Aug 24, 2017
Tracked Since
Feb 18, 2026