Описание
A heap-based buffer overflow issue was discovered in libjpeg-turbo in h2v2_merged_upsample_internal() function of jdmrgext.c file. The vulnerability can only be exploited with 12-bit data precision for which the range of the sample data type exceeds the valid sample range, hence, an attacker could craft a 12-bit lossless JPEG image that contains out-of-range 12-bit samples. An application attempting to decompress such image using merged upsampling would lead to segmentation fault or buffer overflows, causing an application to crash.
A heap-based buffer overflow issue was found in libjpeg-turbo in the h2v2_merged_upsample_internal() function in the jdmrgext.c file. This issue can only be used with 12-bit data precision for which the range of the sample data type exceeds the valid sample range. This could allow an attacker to craft a 12-bit lossless JPEG image that contains out-of-range 12-bit samples. An application attempting to decompress such an image using merged upsampling would lead to segmentation fault or buffer overflows, causing an application to crash.
Отчет
This CVE does not affect libjpeg-turbo v2.1.x and prior. Red Hat Enterprise Linux ships libjpeg-turbo v2.0.90 and prior. Vulnerable code is not present in our code-base. Hence, it's not affected.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | libjpeg-turbo | Not affected | ||
| Red Hat Enterprise Linux 7 | libjpeg-turbo | Not affected | ||
| Red Hat Enterprise Linux 8 | libjpeg-turbo | Not affected | ||
| Red Hat Enterprise Linux 9 | libjpeg-turbo | Not affected |
Показывать по
Дополнительная информация
Статус:
6.5 Medium
CVSS3
Связанные уязвимости
A heap-based buffer overflow issue was discovered in libjpeg-turbo in h2v2_merged_upsample_internal() function of jdmrgext.c file. The vulnerability can only be exploited with 12-bit data precision for which the range of the sample data type exceeds the valid sample range, hence, an attacker could craft a 12-bit lossless JPEG image that contains out-of-range 12-bit samples. An application attempting to decompress such image using merged upsampling would lead to segmentation fault or buffer overflows, causing an application to crash.
A heap-based buffer overflow issue was discovered in libjpeg-turbo in h2v2_merged_upsample_internal() function of jdmrgext.c file. The vulnerability can only be exploited with 12-bit data precision for which the range of the sample data type exceeds the valid sample range, hence, an attacker could craft a 12-bit lossless JPEG image that contains out-of-range 12-bit samples. An application attempting to decompress such image using merged upsampling would lead to segmentation fault or buffer overflows, causing an application to crash.
A heap-based buffer overflow issue was discovered in libjpeg-turbo in ...
A heap-based buffer overflow issue was discovered in libjpeg-turbo in h2v2_merged_upsample_internal() function of jdmrgext.c file. The vulnerability can only be exploited with 12-bit data precision for which the range of the sample data type exceeds the valid sample range, hence, an attacker could craft a 12-bit lossless JPEG image that contains out-of-range 12-bit samples. An application attempting to decompress such image using merged upsampling would lead to segmentation fault or buffer overflows, causing an application to crash.
6.5 Medium
CVSS3