Description
Due to a failure in validating the number of scanline samples of an OpenEXR file containing deep scanline data, the Academy Software Foundation OpenEXR image parsing library version 3.2.1 and prior is susceptible to a heap-based buffer overflow vulnerability. This issue was resolved as of versions v3.2.2 and v3.1.12 of the affected library.
A vulnerability was found in the Academy Software Foundation OpenEXR library. Triggering it requires that a malicious EXR image file is parsed by the target device or environment using OpenEXR. The issue occurs because the number of scanline samples of an OpenEXR file containing deep scanline data is not validated, which yields a read or write primitive derived from the attributes of the supplied EXR file. This flaw could be used to read or write memory on a compromised device through an attacker-placed EXR image.
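As an added illustration (not code from OpenEXR or from this advisory), the check below models the class of validation the description refers to: a deep scanline's per-pixel sample counts must be consistent with the declared unpacked data size before any buffer is allocated or filled from them. The chunk layout, field names and sample tables are simplified assumptions constructed for the example.

```c
#include <stdint.h>
#include <stdio.h>
/* Simplified model of a deep scanline chunk (an assumption for this example,
 * not OpenEXR's actual structures): one cumulative sample-count entry per
 * pixel across the data-window width, plus the declared unpacked byte size
 * of the sample data. Entry x is the sample total for pixels 0..x, so the
 * last entry is the total for the whole line. */
typedef struct {
    int32_t        width;            /* pixels per scanline */
    uint64_t       bytes_per_sample; /* sum of all channel sizes per sample */
    int64_t        unpacked_size;    /* unpacked sample-data size from the file */
    const int32_t *cum_counts;       /* decoded sample-count table, width entries */
} deep_line_t;

/* Return 1 when the table agrees with the declared size, 0 otherwise. A buffer
 * sized from one field but filled according to the other is the mismatch that
 * yields an out-of-bounds read or write, so reject the chunk before any copy. */
int deep_line_counts_valid(const deep_line_t *l)
{
    if (l->width <= 0 || l->bytes_per_sample == 0 || l->unpacked_size < 0)
        return 0;
    int32_t prev = 0;
    for (int32_t x = 0; x < l->width; ++x) {
        int32_t c = l->cum_counts[x];
        if (c < prev)                 /* negative, or fewer than at pixel x-1 */
            return 0;
        prev = c;
    }
    uint64_t total = (uint64_t)prev;
    if (total > UINT64_MAX / l->bytes_per_sample)   /* size arithmetic overflow */
        return 0;
    return total * l->bytes_per_sample == (uint64_t)l->unpacked_size;
}

/* Constructed inputs: 4 pixels, 8 bytes per sample (e.g. two float channels). */
static const int32_t good_table[4]       = {2, 3, 3, 5};  /* 5 samples in total */
static const int32_t decreasing_table[4] = {2, 1, 4, 5};  /* count shrinks at x=1 */
static const int32_t negative_table[4]   = {-1, 0, 1, 5}; /* negative count at x=0 */

int check_consistent(void)    { deep_line_t l = {4, 8, 40, good_table};       return deep_line_counts_valid(&l); }
int check_size_mismatch(void) { deep_line_t l = {4, 8, 32, good_table};       return deep_line_counts_valid(&l); }
int check_decreasing(void)    { deep_line_t l = {4, 8, 40, decreasing_table}; return deep_line_counts_valid(&l); }
int check_negative(void)      { deep_line_t l = {4, 8, 40, negative_table};   return deep_line_counts_valid(&l); }

int main(void)
{
    printf("consistent=%d mismatch=%d decreasing=%d negative=%d\n",
           check_consistent(), check_size_mismatch(), check_decreasing(), check_negative());
    return 0;   /* prints: consistent=1 mismatch=0 decreasing=0 negative=0 */
}
```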
Statement
The heap-based buffer overflow vulnerability identified in the Academy Software Foundation's OpenEXR image parsing library represents an important security concern because of its potentially severe consequences and wide reach. By exploiting this vulnerability, attackers can execute arbitrary code or perform unauthorized read/write operations on affected systems. This ability to manipulate process memory poses a significant risk to data integrity, confidentiality, and system stability. Moreover, the vulnerability's presence in a widely used image parsing library amplifies its severity. The ability to trigger it without user interaction, known as a 0-click attack surface, further amplifies the risk.
Mitigation
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Affected packages
Platform | Package | State | Advisory | Release date |
---|---|---|---|---|
Red Hat Enterprise Linux 6 | OpenEXR | Out of support scope | ||
Red Hat Enterprise Linux 7 | OpenEXR | Not affected | ||
Red Hat Enterprise Linux 8 | gimp:flatpak/OpenEXR | Will not fix | ||
Red Hat Enterprise Linux 8 | OpenEXR | Not affected | ||
Red Hat Enterprise Linux 9 | openexr | Fixed | RHSA-2024:8800 | 04.11.2024 |
Red Hat Enterprise Linux 9 | openexr | Fixed | RHSA-2024:9548 | 13.11.2024 |
Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions | openexr | Fixed | RHSA-2024:8802 | 04.11.2024 |
Red Hat Enterprise Linux 9.2 Extended Update Support | openexr | Fixed | RHSA-2024:8801 | 04.11.2024 |
Additional information
CVSS3 score: 9.1 Critical