SB2022092240 - Ubuntu update for libjpeg-turbo

Description

This security bulletin contains information about 4 secuirty vulnerabilities.

1) Infinite loop (CVE-ID: CVE-2018-11813)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to infinite loop in read_pixel() function in rdtarga.c when processing EOF (end-of-line) characters. A remote attacker can use a specially crafted image to consume all available system resources and cause denial of service conditions.

2) Stack-based buffer overflow (CVE-ID: CVE-2020-17541)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the in the "transform" component in Libjpeg-turb. A remote attacker can create a specially crafted JPEG image, pass it to the affected aplication, trigger a stack-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

3) NULL pointer dereference (CVE-ID: CVE-2020-35538)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in the jcopy_sample_rows() function. A remote attacker can pass specially crafted input to the affected application and perform a denial of service (DoS) attack.

4) Out-of-bounds write (CVE-ID: CVE-2021-46822)

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a boundary error when processing images within the  get_word_rgb_row() function in rdppm.c. A remote attacker can pass a specially crafted file to the affected software, trigger an out-of-bounds write and execute arbitrary code on the target system.

Remediation

Install update from vendor's website.

References

• https://ubuntu.com/security/notices/USN-5631-1