A heap-based buffer overflow issue was discovered in libjpeg-turbo in h2v2_merged_upsample_internal() function of jdmrgext.c file. The vulnerability can only be exploited with 12-bit data precision for which the range of the sample data type exceeds the valid sample range, hence, an attacker could craft a 12-bit lossless JPEG image that contains out-of-range 12-bit samples. An application attempting to decompress such image using merged upsampling would lead to segmentation fault or buffer overflows, causing an application to crash.
References
Configurations
History
21 Nov 2024, 07:59
Type | Values Removed | Values Added |
---|---|---|
References | () https://access.redhat.com/security/cve/CVE-2023-2804 - Third Party Advisory | |
References | () https://bugzilla.redhat.com/show_bug.cgi?id=2208447 - Issue Tracking, Patch | |
References | () https://github.com/libjpeg-turbo/libjpeg-turbo/commit/9f756bc67a84d4566bf74a0c2432aa55da404021 - Patch | |
References | () https://github.com/libjpeg-turbo/libjpeg-turbo/issues/668#issuecomment-1492586118 - Exploit, Issue Tracking, Patch | |
References | () https://github.com/libjpeg-turbo/libjpeg-turbo/issues/675 - Exploit, Issue Tracking, Patch | |
References | () https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01006.html - |
13 Feb 2024, 19:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
17 Aug 2023, 19:26
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:libjpeg-turbo:libjpeg-turbo:2.1.90:*:*:*:*:*:*:* |
01 Jun 2023, 19:13
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://github.com/libjpeg-turbo/libjpeg-turbo/commit/9f756bc67a84d4566bf74a0c2432aa55da404021 - Patch | |
References | (MISC) https://github.com/libjpeg-turbo/libjpeg-turbo/issues/675 - Exploit, Issue Tracking, Patch | |
References | (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=2208447 - Issue Tracking, Patch | |
References | (MISC) https://access.redhat.com/security/cve/CVE-2023-2804 - Third Party Advisory | |
References | (MISC) https://github.com/libjpeg-turbo/libjpeg-turbo/issues/668#issuecomment-1492586118 - Exploit, Issue Tracking, Patch | |
CWE | CWE-787 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.5 |
CPE | cpe:2.3:a:libjpeg-turbo:libjpeg-turbo:*:*:*:*:*:*:*:* | |
First Time |
Libjpeg-turbo libjpeg-turbo
Libjpeg-turbo |
Information
Published : 2023-05-25 22:15
Updated : 2024-11-21 07:59
NVD link : CVE-2023-2804
Mitre link : CVE-2023-2804
CVE.ORG link : CVE-2023-2804
JSON object : View
Products Affected
libjpeg-turbo
- libjpeg-turbo