2122387 – (CVE-2020-35538) CVE-2020-35538 libjpeg-turbo: Null pointer dereference in jcopy_sample_rows() function

Bug 2122387 (CVE-2020-35538) - CVE-2020-35538 libjpeg-turbo: Null pointer dereference in jcopy_sample_rows() function

Summary: CVE-2020-35538 libjpeg-turbo: Null pointer dereference in jcopy_sample_rows()...

Keywords:
Status:	NEW
Alias:	CVE-2020-35538
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	low
Severity:	low
Target Milestone:	---
Assignee:	Nobody
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	2128955 2128956 2134056 2134057 2134058
Blocks:	2122389
TreeView+	depends on / blocked

Reported:	2022-08-29 22:23 UTC by Pedro Sampaio
Modified:	2025-02-19 08:27 UTC (History)
CC List:	27 users (show)
Fixed In Version:	libjpeg-turbo 2.0.6
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Description Pedro Sampaio 2022-08-29 22:23:38 UTC

A crafted input file could cause a null pointer dereference in jcopy_sample_rows() when processed by libjpeg-turbo.

Upstream issue:

https://github.com/libjpeg-turbo/libjpeg-turbo/issues/441

Upstream fix:

https://github.com/libjpeg-turbo/libjpeg-turbo/commit/9120a247436e84c0b4eea828cb11e8f665fcde30

Comment 2 TEJ RATHI 2022-09-22 05:37:48 UTC

Created libjpeg-turbo tracking bugs for this issue:

Affects: fedora-all [bug 2128955]


Created mingw-libjpeg-turbo tracking bugs for this issue:

Affects: fedora-all [bug 2128956]

Note You need to log in before you can comment on or make changes to this bug.

adudiak
aprice
caswilli
dffrench
erik-fedora
fjansen
gzaronik
jburrell
jforrest
jkoehler
jsamir
jwong
kaycoth
kshier
lphiri
manisandro
mpierce
negativo17
nforro
ngough
phracek
rgodfrey
rh-spice-bugs
rjones
sthirugn
vkrizan
vonsch