Bugzilla – Bug 1211542
VUL-0: CVE-2023-2804: libjpeg-turbo: heap-buffer-overflow in h2v2_merged_upsample_internal() at /libjpeg-turbo/jdmrgext.c
Last modified: 2024-02-14 14:30:02 UTC
CVE-2023-2804

In libjpeg-turbo, there is a heap-buffer-overflow at /libjpeg-turbo/jdmrgext.c:126 in h2v2_merged_upsample_internal(), leading to a crash.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-2804
https://bugzilla.redhat.com/show_bug.cgi?id=2208447
https://github.com/libjpeg-turbo/libjpeg-turbo/issues/690
(no fix yet)
For the POC in the upstream github issue, I get:

:/211542 # djpeg -fast 237670513-1d36b472-7dc9-4827-8694-07f0c5261bc1.jpeg
Unsupported JPEG process: SOF type 0xc3
:/211542 #

for all TW,15sp4,15,12/libjpeg-turbo. So we might be unaffected.
The upstream issue related to this CVE is rather:
https://github.com/libjpeg-turbo/libjpeg-turbo/issues/675

Nevertheless I get the same error:

:/211542 # djpeg -nosmooth poc_tmin124
Unsupported JPEG process: SOF type 0xc3
:/211542 #

Also the upstream issue says: "This bug is not reproducible with the 2.1.x branch."

Patched jdlossls.c is not part of any of our code streams. Closing as invalid.
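An added example, not part of this bug report or of libjpeg-turbo: a bounds-checked scan for the first SOF marker in a JPEG header, useful for checking which files declare the SOF type 0xc3 that djpeg rejected in the comments above. The function name `jpeg_sof_type` and the sample byte arrays are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed sample headers (not the PoC files from the upstream issues). */
static const uint8_t sample_sof3[] = { 0xFF,0xD8, 0xFF,0xE0,0x00,0x04,0x4A,0x46,
    0xFF,0xC3,0x00,0x0B,0x08,0x00,0x01,0x00,0x01,0x01,0x01,0x11,0x00 };
static const uint8_t sample_sof0[] = { 0xFF,0xD8,
    0xFF,0xC0,0x00,0x0B,0x08,0x00,0x01,0x00,0x01,0x01,0x01,0x11,0x00 };
static const uint8_t sample_trunc[] = { 0xFF,0xD8, 0xFF,0xE0,0x00,0x10,0x4A };

/* Return the first SOFn marker code (0xC0..0xCF), or -1 if the data is
   malformed, truncated, or reaches SOS/EOI without a frame header. */
int jpeg_sof_type(const uint8_t *buf, size_t len)
{
    size_t i = 2;
    if (len < 4 || buf[0] != 0xFF || buf[1] != 0xD8) return -1;  /* no SOI */
    while (i + 4 <= len) {
        uint8_t m = buf[i + 1];
        if (buf[i] != 0xFF) return -1;
        if (m == 0xFF) { i++; continue; }                /* fill byte */
        if (m >= 0xC0 && m <= 0xCF && m != 0xC4 && m != 0xC8 && m != 0xCC)
            return m;                                    /* SOFn, not DHT/JPG/DAC */
        if (m == 0xD9 || m == 0xDA) return -1;           /* EOI/SOS before SOF */
        if (m == 0x01 || (m >= 0xD0 && m <= 0xD7)) { i += 2; continue; }
        size_t seglen = ((size_t)buf[i + 2] << 8) | buf[i + 3];
        if (seglen < 2 || seglen > len - i - 2) return -1;   /* stay in bounds */
        i += 2 + seglen;
    }
    return -1;
}

int main(int argc, char **argv)
{
    static uint8_t buf[1 << 16];    /* only the first 64 KiB is scanned */
    FILE *f = argc > 1 ? fopen(argv[1], "rb") : NULL;
    if (!f) {                       /* no readable file: run the samples */
        printf("samples: 0x%02x 0x%02x %d\n", (unsigned)jpeg_sof_type(sample_sof3, sizeof sample_sof3),
               (unsigned)jpeg_sof_type(sample_sof0, sizeof sample_sof0),
               jpeg_sof_type(sample_trunc, sizeof sample_trunc));
        return 0;
    }
    size_t n = fread(buf, 1, sizeof buf, f);
    fclose(f);
    int t = jpeg_sof_type(buf, n);
    if (t < 0) printf("%s: no SOF marker found\n", argv[1]);
    else printf("%s: SOF type 0x%02x\n", argv[1], (unsigned)t);
    return 0;
}
```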
This is an autogenerated message for OBS integration: This bug (1211542) was mentioned in https://build.opensuse.org/request/show/1136149 Factory / libjpeg-turbo