Описание
The tjLoadImage function in libjpeg-turbo 2.0.1 has an integer overflow with a resultant heap-based buffer overflow via a BMP image because multiplication of pitch and height is mishandled, as demonstrated by tjbench.
Отчет
This issue did not affect the versions of libjpeg-turbo as shipped with Red Hat Enterprise Linux 6 and 7.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | libjpeg-turbo | Not affected | ||
| Red Hat Enterprise Linux 7 | libjpeg-turbo | Not affected | ||
| Red Hat Enterprise Linux 8 | libjpeg-turbo | Not affected |
Показывать по
Дополнительная информация
Статус:
4.3 Medium
CVSS3
Связанные уязвимости
The tjLoadImage function in libjpeg-turbo 2.0.1 has an integer overflow with a resultant heap-based buffer overflow via a BMP image because multiplication of pitch and height is mishandled, as demonstrated by tjbench.
The tjLoadImage function in libjpeg-turbo 2.0.1 has an integer overflow with a resultant heap-based buffer overflow via a BMP image because multiplication of pitch and height is mishandled, as demonstrated by tjbench.
The tjLoadImage function in libjpeg-turbo 2.0.1 has an integer overflo ...
The tjLoadImage function in libjpeg-turbo 2.0.1 has an integer overflow with a resultant heap-based buffer overflow via a BMP image because multiplication of pitch and height is mishandled, as demonstrated by tjbench.
4.3 Medium
CVSS3