Integer overflow in libjpeg-turbo (Alpine package)



Published: 2019-11-11
Risk: High
Patch available: YES
Number of vulnerabilities: 1
CVE-ID: CVE-2019-2201
CWE-ID: CWE-190
Exploitation vector: Network
Public exploit: N/A
Vulnerable software: libjpeg-turbo (Alpine package)
Operating systems & Components / Operating system package or component
Vendor: Alpine Linux Development Team

Security Bulletin

This security bulletin contains one high-risk vulnerability.

1) Integer overflow

EUVDB-ID: #VU22854

Risk: High

CVSSv3.1: 7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2019-2201

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to an integer overflow in tjbench.c when handling JPEG images. A remote attacker can create a specially crafted JPEG image, pass it to the affected application, trigger the integer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.

Mitigation

Install the update from the vendor's website.

Vulnerable software versions

libjpeg-turbo (Alpine package): 1.3.0-r0 - 1.5.3-r5
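
One way to check a package version string against the affected range above, as an added example that is not part of the bulletin or of Alpine's own tooling. The function names, the sample package lines and the restriction to plain "X.Y.Z-rN" version strings are assumptions.

```shell
#!/bin/sh
# Affected range exactly as stated in the bulletin (inclusive on both ends).
FIRST_AFFECTED="1.3.0-r0"
LAST_AFFECTED="1.5.3-r5"

# ver_le A B: succeeds when A <= B, for validated "1.5.3-r5"-style strings.
ver_le() {
    va=${1%-r*}; ra=${1##*-r}
    vb=${2%-r*}; rb=${2##*-r}
    while [ -n "$va" ] || [ -n "$vb" ]; do
        na=${va%%.*}; nb=${vb%%.*}   # a missing field compares as 0
        case $va in *.*) va=${va#*.} ;; *) va= ;; esac
        case $vb in *.*) vb=${vb#*.} ;; *) vb= ;; esac
        if [ "${na:-0}" -lt "${nb:-0}" ]; then return 0; fi
        if [ "${na:-0}" -gt "${nb:-0}" ]; then return 1; fi
    done
    [ "$ra" -le "$rb" ]   # upstream versions equal: the -rN release decides
}

# is_affected VERSION: 0 = inside the range, 1 = outside, 2 = not parseable.
# Assumption: suffixes such as _rc1 or _p2 are rejected rather than guessed at.
is_affected() {
    ver=${1%-r*}; rel=${1##*-r}
    case $1 in *-r*) ;; *) return 2 ;; esac
    case $ver in ""|*[!0-9.]*|.*|*.|*..*) return 2 ;; esac
    case $rel in ""|*[!0-9]*) return 2 ;; esac
    ver_le "$FIRST_AFFECTED" "$1" && ver_le "$1" "$LAST_AFFECTED" && return 0
    return 1
}

# Constructed sample of "name-version" package lines (not real host output).
SAMPLE='libjpeg-turbo-1.5.3-r4
libjpeg-turbo-1.5.3-r6
musl-1.1.24-r2'

# report LINES: one verdict per libjpeg-turbo line; other packages are skipped.
report() {
    printf '%s\n' "$1" | while IFS= read -r line; do
        case $line in libjpeg-turbo-[0-9]*) ;; *) continue ;; esac
        v=${line#libjpeg-turbo-}
        rc=0; is_affected "$v" || rc=$?
        case $rc in
            0) echo "$v AFFECTED (within $FIRST_AFFECTED - $LAST_AFFECTED)" ;;
            1) echo "$v outside the affected range" ;;
            *) echo "$v version not understood, check manually" ;;
        esac
    done
}

report "$SAMPLE"
```

On an Alpine host, `apk info -v` prints installed packages in this name-version form, so its output can be passed to `report` in place of the sample.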

External links

http://git.alpinelinux.org/aports/commit/?id=64c1a9607a546bd84e9c8d5a604d7fc87851a4af
http://git.alpinelinux.org/aports/commit/?id=a6bbc6a39bd7459f28e4f24d83f51c7ed7c9c08b
http://git.alpinelinux.org/aports/commit/?id=8c593acdd5ae3aa50db4851fe92f8b3eea5fd0e9
http://git.alpinelinux.org/aports/commit/?id=be90230363da27cdade94d0f3c3e2a5569690163
http://git.alpinelinux.org/aports/commit/?id=88cf1dcb5c371de4fe74b08039d09a7d400a326b
http://git.alpinelinux.org/aports/commit/?id=3a60d465c83e0f5ba7e5e8b13ab1df7c6420582e
http://git.alpinelinux.org/aports/commit/?id=5c124b8898f87bce04bb22acd1852b00daf77f99
http://git.alpinelinux.org/aports/commit/?id=9378f3dab33e35a0b4972cdcd6c904bac680d04b


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


