CVE-2023-2804
Public on 2023-05-19
Modified on 2023-05-19
Description
A heap-based buffer-overflow was found in libjpeg-turbo. The upstream project describes this issue as follows:
"12-bit is the only data precision for which the range of the sample data type exceeds the valid sample range, so it is possible to craft a 12-bit lossless JPEG image that contains out-of-range 12-bit samples. Attempting to decompress such an image using color quantization or merged upsampling ... caused segfaults or buffer overruns when those algorithms attempted to use the out-of-range sample values as array indices."
"12-bit is the only data precision for which the range of the sample data type exceeds the valid sample range, so it is possible to craft a 12-bit lossless JPEG image that contains out-of-range 12-bit samples. Attempting to decompress such an image using color quantization or merged upsampling ... caused segfaults or buffer overruns when those algorithms attempted to use the out-of-range sample values as array indices."
Severity
Medium
CVSS v3 Base Score
See breakdown
Affected Packages
| Platform | Package | Release Date | Advisory | Status |
|---|---|---|---|---|
| Amazon Linux 1 | libjpeg-turbo | Not Affected | ||
| Amazon Linux 2 - Core | libjpeg-turbo | Not Affected | ||
| Amazon Linux 2023 | libjpeg-turbo | Not Affected |
CVSS Scores
| Score Type | Score | Vector | |
|---|---|---|---|
| Amazon Linux | CVSSv3 | 5.9 | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H |
| NVD | CVSSv3 | 6.5 | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |