2077539 – openexr: Heap-buffer-overflow in Imf_3_1::memstream_read could lead to a crash

Bug 2077539 - openexr: Heap-buffer-overflow in Imf_3_1::memstream_read could lead to a crash

Summary: openexr: Heap-buffer-overflow in Imf_3_1::memstream_read could lead to a crash

Keywords:
Status:	CLOSED WONTFIX
Alias:	None
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	low
Severity:	low
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	2077557 2077559
Blocks:	2077550
TreeView+	depends on / blocked

Reported:	2022-04-21 14:40 UTC by Michael Kaplan
Modified:	2022-10-26 12:36 UTC (History)
CC List:	6 users (show)
Fixed In Version:	openexr 3.1.5
Clone Of:
Environment:
Last Closed:	2022-05-06 06:34:43 UTC
Embargoed:

Attachments	(Terms of Use)

Description Michael Kaplan 2022-04-21 14:40:57 UTC

OpenEXR before 3.1.5 is vulnerable to Heap-buffer-overflow in Imf_3_1::memstream_read 

References: 

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=46309

Comment 1 Michael Kaplan 2022-04-21 15:02:26 UTC

Created OpenEXR tracking bugs for this issue:

Affects: fedora-all [bug 2077559]


Created mingw-openexr tracking bugs for this issue:

Affects: fedora-all [bug 2077557]

Comment 2 Marian Rehak 2022-05-06 06:34:43 UTC

This was due to a bug in the CheckFile function in libOpenEXRUtil. CheckFile's sole purpose is for fuzz testing

Note You need to log in before you can comment on or make changes to this bug.