Bug 1199461 - (CVE-2022-29978) VUL-1: CVE-2022-29978: libsixel: floating point exception error in sixel_encoder_do_resize, encoder.c:633
(CVE-2022-29978)
VUL-1: CVE-2022-29978: libsixel: floating point exception error in sixel_enco...
Status: RESOLVED INVALID
Classification: openSUSE
Product: openSUSE Distribution
Classification: openSUSE
Component: Security
Leap 15.4
Other Other
: P5 - None : Minor (vote)
: ---
Assigned To: Enrico Belleri
Security Team bot
https://smash.suse.de/issue/331420/
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2022-05-12 07:33 UTC by Hu
Modified: 2022-05-12 07:34 UTC (History)
0 users

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Hu 2022-05-12 07:33:35 UTC
CVE-2022-29978

There is a floating point exception error in sixel_encoder_do_resize,
encoder.c:633 in libsixel img2sixel 1.8.6. Remote attackers could leverage this
vulnerability to cause a denial-of-service via a crafted JPEG file.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-29978
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29978
https://github.com/saitoha/libsixel/issues/166
Comment 1 Hu 2022-05-12 07:34:30 UTC
Closing, not affected:
- openSUSE:Factory/libsixel 1.10.3