[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#47509: OpenEXR may be vulnerable to CVE-2021-3474, CVE-2021-3476 and
From: |
Léo Le Bouter |
Subject: |
bug#47509: OpenEXR may be vulnerable to CVE-2021-3474, CVE-2021-3476 and CVE-2021-3475 |
Date: |
Thu, 01 Apr 2021 15:26:24 +0200 |
User-agent: |
Evolution 3.34.2 |
Another wave it seems:
CVE-2021-3479 31.03.21 16:15
There's a flaw in OpenEXR's Scanline API functionality in versions before
3.0.0-beta. An attacker who is able to submit a crafted file to be processed by
OpenEXR could trigger excessive consumption of memory, resulting in an impact
to system availability.
Fix:
https://github.com/AcademySoftwareFoundation/openexr/commit/d80f11f4f55100d007ae80a162bf257ec291612c
CVE-2021-3478 31.03.21 16:15
There's a flaw in OpenEXR's scanline input file functionality in versions
before 3.0.0-beta. An attacker able to submit a crafted file to be processed by
OpenEXR could consume excessive system memory. The greatest impact of this flaw
is to system availability.
Fix (? as Red Hat analyst points out in
https://bugzilla.redhat.com/show_bug.cgi?id=1939160#c3, it indeed looks
uncertain):
https://github.com/AcademySoftwareFoundation/openexr/commit/bc88cdb6c97fbf5bc5d11ad8ca55306da931283a
CVE-2021-3477 31.03.21 16:15
There's a flaw in OpenEXR's deep tile sample size calculations in
versions before 3.0.0-beta. An attacker who is able to submit a crafted
file to be processed by OpenEXR could trigger an integer overflow,
subsequently leading to an out-of-bounds read. The greatest risk of
this flaw is to application availability.
Fix (? as Red Hat analyst points out in
https://bugzilla.redhat.com/show_bug.cgi?id=1939159#c3, it indeed looks
uncertain):
https://github.com/AcademySoftwareFoundation/openexr/commit/467be80b75642efbbe6bdace558079f68c16acb1
signature.asc
Description: This is a digitally signed message part
- bug#47509: OpenEXR may be vulnerable to CVE-2021-3474, CVE-2021-3476 and CVE-2021-3475,
Léo Le Bouter <=