Bug 1579973 (CVE-2018-11212) - CVE-2018-11212 libjpeg-turbo: Divide By Zero in alloc_sarray function in jmemmgr.c
Summary: CVE-2018-11212 libjpeg-turbo: Divide By Zero in alloc_sarray function in jmem...
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2018-11212
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
low
low
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1579974 1579975 1579976 1579977 1579982 1586062 1685111 1685112 1685113 1685114 1685115 1685116 1685117 1689835 1694579
Blocks: 1579984
TreeView+ depends on / blocked
 
Reported: 2018-05-18 21:01 UTC by Laura Pardo
Modified: 2022-03-13 15:00 UTC (History)
13 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
A divide by zero vulnerability has been discovered in libjpeg-turbo in alloc_sarray function of jmemmgr.c file. An attacker could use this vulnerability to cause a denial of service via a crafted file.
Clone Of:
Environment:
Last Closed: 2019-06-10 10:23:33 UTC
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2019:0469 0 None None None 2019-03-06 21:52:41 UTC
Red Hat Product Errata RHSA-2019:0472 0 None None None 2019-03-07 15:58:41 UTC
Red Hat Product Errata RHSA-2019:0473 0 None None None 2019-03-07 15:58:50 UTC
Red Hat Product Errata RHSA-2019:0474 0 None None None 2019-03-07 15:59:02 UTC
Red Hat Product Errata RHSA-2019:0640 0 None None None 2019-03-25 18:25:33 UTC
Red Hat Product Errata RHSA-2019:1238 0 None None None 2019-05-16 13:25:28 UTC
Red Hat Product Errata RHSA-2019:2052 0 None None None 2019-08-06 12:08:08 UTC

Description Laura Pardo 2018-05-18 21:01:20 UTC 
An issue was discovered in libjpeg version 9a. The alloc_sarray function in jmemmgr.c allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted file.


References:
https://github.com/ChijinZ/security_advisories/tree/master/libjpeg-v9a
Comment 1 Laura Pardo 2018-05-18 21:01:57 UTC 
Created libjpeg-turbo tracking bugs for this issue:

Affects: fedora-all [bug 1579976]


Created mingw-libjpeg-turbo tracking bugs for this issue:

Affects: epel-7 [bug 1579974]
Affects: fedora-all [bug 1579977]
Comment 4 Riccardo Schirone 2018-06-05 12:08:30 UTC 
Patch:
https://github.com/libjpeg-turbo/libjpeg-turbo/commit/82923eb93a2eacf4a593e00e3e672bbb86a8a3a0
Comment 6 errata-xmlrpc 2019-03-06 21:52:40 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 6 Supplementary

Via RHSA-2019:0469 https://access.redhat.com/errata/RHSA-2019:0469
Comment 7 errata-xmlrpc 2019-03-07 15:58:39 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7 Supplementary

Via RHSA-2019:0472 https://access.redhat.com/errata/RHSA-2019:0472
Comment 8 errata-xmlrpc 2019-03-07 15:58:49 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7 Supplementary

Via RHSA-2019:0473 https://access.redhat.com/errata/RHSA-2019:0473
Comment 9 errata-xmlrpc 2019-03-07 15:59:01 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 6 Supplementary

Via RHSA-2019:0474 https://access.redhat.com/errata/RHSA-2019:0474
Comment 10 errata-xmlrpc 2019-03-25 18:25:32 UTC 
This issue has been addressed in the following products:

  Red Hat Satellite 5.8

Via RHSA-2019:0640 https://access.redhat.com/errata/RHSA-2019:0640
Comment 11 errata-xmlrpc 2019-05-16 13:25:27 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2019:1238 https://access.redhat.com/errata/RHSA-2019:1238
Comment 12 errata-xmlrpc 2019-08-06 12:08:07 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2019:2052 https://access.redhat.com/errata/RHSA-2019:2052
Note You need to log in before you can comment on or make changes to this bug.