#VU21453 Out-of-bounds read in DjVuLibre - CVE-2019-15145


Vulnerability identifier: #VU21453

Vulnerability risk: Low

CVSSv4.0: 0.2 [CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2019-15145

CWE-ID: CWE-125

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
DjVuLibre
Client/Desktop applications / Multimedia software

Vendor: DjVu

Description

The vulnerability allows a remote attacker to perform denial of service (DoS) attack.

The vulnerability exists due to a boundary condition in the JB2Dict::JB2Codec::get_direct_context in libdjvu/JB2Image.h within DjVuLibre due to a missing zero-bytes check in libdjvu/GBitmap.h. A remote attacker can create a specially crafted JB2 file, trick the victim into opening it, trigger out-of-bounds read error and crash the application.

Mitigation
Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

Vulnerable software versions

DjVuLibre: 3.5.27

External links
https://sourceforge.net/p/djvu/bugs/298/
https://sourceforge.net/p/djvu/djvulibre-git/ci/9658b01431cd7ff6344d7787f855179e73fe81a7/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Debian update for djvulibre
openEuler update for djvulibre
Gentoo update for DjVu
Ubuntu update for DjVuLibre
Fedora 30 update for mingw-djvulibre
Fedora 31 update for mingw-djvulibre
Fedora 30 update for djvulibre
Fedora EPEL 6 update for djvulibre
Fedora EPEL 7 update for djvulibre
Fedora 31 update for djvulibre