Bug 2047745 (CVE-2021-45942) - CVE-2021-45942 OpenEXR: heap-based buffer overflow in Imf_3_1:LineCompositeTask:execute
Summary: CVE-2021-45942 OpenEXR: heap-based buffer overflow in Imf_3_1:LineCompositeTa...
Keywords:
Status: NEW
Alias: CVE-2021-45942
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Nobody
QA Contact:
URL:
Whiteboard:
Depends On: 2047746 2051591 2051592 2051596 2051598
Blocks: 2047750
TreeView+ depends on / blocked
 
Reported: 2022-01-28 13:13 UTC by Marian Rehak
Modified: 2023-07-07 08:31 UTC (History)
5 users (show)

Fixed In Version: OpenEXR 3.1.4
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments (Terms of Use)

Description Marian Rehak 2022-01-28 13:13:05 UTC 
OpenEXR 3.1.x before 3.1.4 has a heap-based buffer overflow in Imf_3_1::LineCompositeTask::execute (called from IlmThread_3_1::NullThreadPoolProvider::addTask and IlmThread_3_1::ThreadPool::addGlobalTask). NOTE: db217f2 may be inapplicable.

Reference:

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=41416
Comment 1 Marian Rehak 2022-01-28 13:13:23 UTC 
Created OpenEXR tracking bugs for this issue:

Affects: fedora-all [bug 2047746]
Comment 2 juneau 2022-01-28 16:12:18 UTC 
Marking quay-io-3 affected/delegated. Affect code exists in container image* but likelihood of exploit is unknown.

*quay-io-3/quayio/flush-redis:latest/openexr-2.2.1-4.1 https://quay.io/app-sre/flush-redis:latest
Comment 5 TEJ RATHI 2022-02-07 14:37:14 UTC 
Filing trackers for RHEL-8,9. So that engineering can have closer look and decide accordingly.
Comment 8 TEJ RATHI 2022-02-07 15:18:34 UTC 
Created mingw-openexr tracking bugs for this issue:

Affects: fedora-all [bug 2051598]
Comment 10 Sandro Mani 2022-03-28 19:30:38 UTC 
Upstream commit: https://github.com/AcademySoftwareFoundation/openexr/commit/7d0ef6617f5b5622276458cc5a21d8b859ca7c5b
Note You need to log in before you can comment on or make changes to this bug.