Integer-overflow in Imf_2_5::hufUncompress
Created OpenEXR tracking bugs for this issue:
Affects: fedora-all [bug 1939174]
Upstream patch: https://github.com/AcademySoftwareFoundation/openexr/commit/ed560b8a932c78d5e8e5990ce36fe7808b35d9f0
In `hufUncompress` of OpenEXR/IlmImf/ImfHuf.cpp, `nBits+7` could overflow in the calculation of `if ( ptr + (nBits+7 )/8 > compressed+nCompressed)`. This could lead to an impact to application availability if `nBits` is too large. The patch casts to a 64-bit type to prevent this.
This flaw does not affect OpenEXR shipped with Red Hat Enterprise Linux 6, 7, or 8 because the vulnerable code was introduced in a newer version of OpenEXR.
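The wraparound in the bounds check described above, modelled as an added example; it is not OpenEXR's code or the upstream patch. It assumes `nBits` is a 32-bit signed `int`, uses a hypothetical offset `ptr_off` in place of the pointer `ptr`, and emulates the wrap in 64-bit arithmetic because signed overflow is undefined behaviour in C.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* (nBits + 7) / 8 as a 32-bit signed int would compute it on a two's
   complement machine. Signed overflow is undefined behaviour in C, so the
   wrap is emulated here with defined 64-bit arithmetic. */
static int64_t need_bytes_32(int32_t nBits)
{
    int64_t sum = (int64_t)nBits + 7;
    if (sum > INT32_MAX)
        sum -= (int64_t)1 << 32;      /* wraps to a negative value */
    return sum / 8;                   /* division truncates toward zero */
}

/* Model of the check with the narrow sum: 1 = input accepted. */
static int accepts_narrow(size_t ptr_off, int32_t nBits, size_t nCompressed)
{
    return (int64_t)ptr_off + need_bytes_32(nBits) <= (int64_t)nCompressed;
}

/* Same check with the sum widened to 64 bits before adding 7. */
static int accepts_widened(size_t ptr_off, int32_t nBits, size_t nCompressed)
{
    if (nBits < 0)
        return 0;                     /* assumption: negative counts are invalid */
    uint64_t need = ((uint64_t)nBits + 7) / 8;
    return (uint64_t)ptr_off + need <= (uint64_t)nCompressed;
}

int main(void)
{
    /* Constructed values: 128-byte buffer, bit stream starting at offset 64. */
    const int32_t samples[] = { 512, 513, INT32_MAX - 7, INT32_MAX - 6, INT32_MAX };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("nBits=%11d narrow=%d widened=%d\n", (int)samples[i],
               accepts_narrow(64, samples[i], 128),
               accepts_widened(64, samples[i], 128));
    return 0;
}
```

With the narrow sum, the required byte count turns negative once `nBits` exceeds `INT32_MAX - 7`, so a length that cannot fit in the buffer passes the check; the widened sum rejects it.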