SB2021111811 - Denial of service in OpenEXR
Published: November 18, 2021 Updated: December 19, 2022
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 2 secuirty vulnerabilities.
1) Division by zero (CVE-ID: CVE-2021-3941)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to divide-by-zero issue in Imf_3_1::RGBtoXYZ. A remote attacker can trick the victim to open a specially crafted file, trigger division by zero and crash the application.
2) Integer overflow (CVE-ID: CVE-2021-3933)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to integer overflow when processing files. A remote attacker can pass specially crafted data to the application, trigger an integer overflow and perform a denial of service (DoS) attack.
Note, the vulnerability affects software installation on 32-bit systems.
Remediation
Install update from vendor's website.
References
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=39084
- https://bugzilla.redhat.com/show_bug.cgi?id=2019789
- https://github.com/AcademySoftwareFoundation/openexr/pull/1153
- https://bugzilla.redhat.com/show_bug.cgi?id=2019783
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I2JSMJ7HLWFPYYV7IAQZD5ZUUUN7RWBN/
- https://security.gentoo.org/glsa/202210-31
- https://www.debian.org/security/2022/dsa-5299
- https://lists.debian.org/debian-lts-announce/2022/12/msg00022.html