Vulnerability CVE-2023-2804: Information

Description

A heap-based buffer overflow issue was discovered in libjpeg-turbo in h2v2_merged_upsample_internal() function of jdmrgext.c file. The vulnerability can only be exploited with 12-bit data precision for which the range of the sample data type exceeds the valid sample range, hence, an attacker could craft a 12-bit lossless JPEG image that contains out-of-range 12-bit samples. An application attempting to decompress such image using merged upsampling would lead to segmentation fault or buffer overflows, causing an application to crash.

Severity: MEDIUM (6.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Published: May 26, 2023
Modified: Feb. 13, 2024
Error type identifier: CWE-787

Fixed packages

Package name
Branch
Fixed in version
Version from repository
Errata ID
Task #
State
libjpeg-turbosisyphus3.0.2-alt13.0.2-alt2.1ALT-PU-2024-1887-1339928Fixed
libjpeg-turbosisyphus_e2k3.0.2-alt2.13.0.2-alt2.1ALT-PU-2024-2300-1-Fixed
libjpeg-turbosisyphus_riscv643.0.2-alt23.0.2-alt2.1ALT-PU-2024-3345-1-Fixed
libjpeg-turbosisyphus_loongarch643.0.2-alt13.0.2-alt2.1ALT-PU-2024-1969-1-Fixed
libjpeg8sisyphus3.0.0-alt13.0.3-alt1ALT-PU-2023-4129-1324198Fixed
libjpeg8sisyphus_e2k3.0.0-alt13.0.3-alt1ALT-PU-2023-4173-1-Fixed
libjpeg8sisyphus_riscv643.0.0-alt13.0.3-alt1ALT-PU-2023-4183-1-Fixed

References to Advisories, Solutions, and Tools

    1. Configuration 1

      cpe:2.3:a:libjpeg-turbo:libjpeg-turbo:2.1.90:*:*:*:*:*:*:*