2215240 – (CVE-2023-35790) CVE-2023-35790 libjxl: integer underflow leading to infinite loop

Bug 2215240 (CVE-2023-35790) - CVE-2023-35790 libjxl: integer underflow leading to infinite loop

Summary: CVE-2023-35790 libjxl: integer underflow leading to infinite loop

Keywords:
Status:	NEW
Alias:	CVE-2023-35790
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Nobody
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	2220852 2220853 2220854 2220855 2220856 2220857
Blocks:	2215249
TreeView+	depends on / blocked

Reported:	2023-06-15 06:57 UTC by Sandipan Roy
Modified:	2024-03-29 03:35 UTC (History)
CC List:	5 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Description Sandipan Roy 2023-06-15 06:57:45 UTC

"### Changed
 - Security: Fix an integer underflow bug in patch decoding. (#2551)"

Please bump to 0.8.2.

https://github.com/libjxl/libjxl/releases/tag/v0.8.2

Comment 4 Jan Horak 2023-07-17 08:32:18 UTC

Upstream bug regarding library rebase: https://bugzilla.mozilla.org/show_bug.cgi?id=1837862

Comment 5 Tomas Popela 2023-07-20 09:16:45 UTC

Quoting reply from upstream - https://bugzilla.mozilla.org/show_bug.cgi?id=1837862#c8:

> The libjxl should only be built on nightly, so anything that is not nightly should be unaffected.

We've updated the list of bundled libraries (which we automatically generate when doing the major Firefox/Thunderbird rebase) to remove libjxl from it. It will be part of the Firefox / Thunderbird 115.x builds.

Note You need to log in before you can comment on or make changes to this bug.