CVE-2022-41981

A stack-based buffer overflow vulnerability exists in the TGA file format parser of OpenImageIO v2.3.19.0. A specially-crafted targa file can lead to out of bounds read and write on the process stack, which can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.

CVSS v3 8.1 HIGH

8.1^/10

CVSS v3 : HIGH

Vector :

Exploitability : 2.2 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://talosintelligence.com/vulnerability_reports/TALOS-2022-1628	Exploit Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:openimageio:openimageio:2.3.19.0:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*

History

17 Jul 2023, 17:15

Type	Values Removed	Values Added
References	~~{'url': 'https://security.gentoo.org/glsa/202305-33', 'name': 'https://security.gentoo.org/glsa/202305-33', 'tags': ['Third Party Advisory'], 'refsource': 'MISC'}~~ ~~{'url': 'https://www.debian.org/security/2023/dsa-5384', 'name': 'https://www.debian.org/security/2023/dsa-5384', 'tags': ['Third Party Advisory'], 'refsource': 'MISC'}~~
CWE	CWE-125 CWE-787	CWE-121

27 Jun 2023, 13:32

Type	Values Removed	Values Added
CWE	~~CWE-121~~	CWE-125 CWE-787
References	~~(MISC) https://security.gentoo.org/glsa/202305-33 -~~	(MISC) https://security.gentoo.org/glsa/202305-33 - Third Party Advisory

30 May 2023, 06:15

Type	Values Removed	Values Added
References		(MISC) https://security.gentoo.org/glsa/202305-33 -

Information

Published : 2022-12-22 22:15

Updated : 2024-02-28 19:51

NVD link : CVE-2022-41981

Mitre link : CVE-2022-41981

CVE.ORG link : CVE-2022-41981

JSON object : View

Products Affected

openimageio

openimageio

debian

debian_linux

CWE

CWE-121

Stack-based Buffer Overflow

CWE-125

Out-of-bounds Read

CWE-787

Out-of-bounds Write

{"id": "CVE-2022-41981", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.2}, {"type": "Secondary", "source": "talos-cna@cisco.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.2}]}, "published": "2022-12-22T22:15:15.893", "references": [{"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1628", "tags": ["Exploit", "Third Party Advisory"], "source": "talos-cna@cisco.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "talos-cna@cisco.com", "description": [{"lang": "en", "value": "CWE-121"}]}, {"type": "Secondary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-125"}, {"lang": "en", "value": "CWE-787"}]}], "descriptions": [{"lang": "en", "value": "A stack-based buffer overflow vulnerability exists in the TGA file format parser of OpenImageIO v2.3.19.0. A specially-crafted targa file can lead to out of bounds read and write on the process stack, which can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability."}, {"lang": "es", "value": "Existe una vulnerabilidad de desbordamiento de b\u00fafer en la regi\u00f3n stack de la memoria en el analizador de formato de archivo TGA de OpenImageIO v2.3.19.0. Un archivo targa especialmente manipulado puede provocar lecturas y escrituras fuera de los l\u00edmites en la pila de procesos, lo que puede provocar la ejecuci\u00f3n de c\u00f3digo arbitrario. Un atacante puede proporcionar un archivo malicioso para desencadenar esta vulnerabilidad."}], "lastModified": "2023-07-17T17:15:09.703", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:openimageio:openimageio:2.3.19.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "06112B1B-FC3F-425D-A78A-F7B7FD8AC1F9"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED"}], "operator": "OR"}]}], "sourceIdentifier": "talos-cna@cisco.com"}