Описание
libheif before 1.19.6 has a NULL pointer dereference in ImageItem_Grid::get_decoder in image-items/grid.cc because a grid image can reference a nonexistent image item.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| libheif | fixed | 1.19.7-1 | package | |
| libheif | not-affected | bookworm | package | |
| libheif | not-affected | bullseye | package |
Примечания
https://github.com/strukturag/libheif/issues/1455
Introduced by: https://github.com/strukturag/libheif/commit/e18ac586ca9e16429b0db1814e433d032a655b6e (v1.19.0)
Fixed by: https://github.com/strukturag/libheif/commit/6e35af7b0ff9fb6cc952a1539590d160db32f671 (v1.19.6)
Связанные уязвимости
libheif before 1.19.6 has a NULL pointer dereference in ImageItem_Grid::get_decoder in image-items/grid.cc because a grid image can reference a nonexistent image item.
libheif before 1.19.6 has a NULL pointer dereference in ImageItem_Grid::get_decoder in image-items/grid.cc because a grid image can reference a nonexistent image item.
libheif before 1.19.6 has a NULL pointer dereference in ImageItem_Grid::get_decoder in image-items/grid.cc because a grid image can reference a nonexistent image item.
Уязвимость функции ImageItem_Grid::get_decoder() компонента image-items/grid.cc декодера и кодировщика форматов файлов libheif, позволяющая нарушителю выполнить произвольный код