Описание
A crafted input file could cause a null pointer dereference in jcopy_sample_rows() when processed by libjpeg-turbo.
A vulnerability was found in libjpeg-turbo where a segmentation fault occurs due to a NULL pointer passing to jcopy_sample_rows(). You may see this error statement: "Corrupt JPEG data: premature end of data segment". When processed by a libjpeg-turbo, a crafted input file could cause a crash, leading to a denial of service.
Отчет
This vulnerability is considered low severity rather than moderate because it primarily results in a denial of service (DoS) through a crash, without posing a direct risk of code execution or information disclosure. The issue arises due to a NULL pointer dereference when processing a malformed JPEG file, which leads to a segmentation fault but does not introduce memory corruption or arbitrary code execution risks. Additionally, most applications using libjpeg-turbo process images in a non-privileged context, meaning a crash does not compromise system security beyond affecting availability. Since the exploitation requires user interaction (i.e., opening a crafted JPEG), and modern systems can handle such crashes gracefully (e.g., automatic process restart mechanisms), the overall impact remains low.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | libjpeg-turbo | Not affected | ||
| Red Hat Enterprise Linux 7 | libjpeg-turbo | Not affected | ||
| Red Hat Enterprise Linux 8 | libjpeg-turbo | Fix deferred | ||
| Red Hat Enterprise Linux 9 | libjpeg-turbo | Not affected |
Показывать по
Дополнительная информация
Статус:
EPSS
5.5 Medium
CVSS3
Связанные уязвимости
A crafted input file could cause a null pointer dereference in jcopy_sample_rows() when processed by libjpeg-turbo.
A crafted input file could cause a null pointer dereference in jcopy_sample_rows() when processed by libjpeg-turbo.
A crafted input file could cause a null pointer dereference in jcopy_s ...
EPSS
5.5 Medium
CVSS3