Bugzilla – Bug 1158804
VUL-0: CVE-2019-19624: opencv: out-of-bounds read in DIS optflow algorithm when dealing with small images
Last modified: 2019-12-09 14:34:16 UTC
An out-of-bounds read was discovered in opencv up to version 4.1.0. Specifically, variable coarsest_scale is assumed to be greater or equal than finest_scale in calc()/ocl_calc() functions in dis_flow.cpp. However, this is not true when dealing with small images, leading to an out-of-bounds read of heap-allocated arrays Ux and Uy.