Описание
Buffer overflow vulnerability in function convert_colorspace in heif_colorconversion.cc in libheif v1.6.2, allows attackers to cause a denial of service and disclose sensitive information, via a crafted HEIF file.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| libheif | fixed | 1.8.0-1 | package | |
| libheif | no-dsa | bullseye | package | |
| libheif | no-dsa | buster | package |
Примечания
https://github.com/strukturag/libheif/issues/207
https://github.com/strukturag/libheif/commit/bca0162018df9a32d21c05aad1fa203881fa7813 (v1.7.0)
EPSS
Связанные уязвимости
Buffer overflow vulnerability in function convert_colorspace in heif_colorconversion.cc in libheif v1.6.2, allows attackers to cause a denial of service and disclose sensitive information, via a crafted HEIF file.
Buffer overflow vulnerability in function convert_colorspace in heif_colorconversion.cc in libheif v1.6.2, allows attackers to cause a denial of service and disclose sensitive information, via a crafted HEIF file.
Buffer overflow vulnerability in function convert_colorspace in heif_colorconversion.cc in libheif v1.6.2, allows attackers to cause a denial of service and disclose sensitive information, via a crafted HEIF file.
EPSS