Division by zero in libjpeg-turbo

#VU24210 Division by zero in libjpeg-turbo

Published: 2020-01-13

Vulnerability identifier: #VU24210

Vulnerability risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-1152

CWE-ID: CWE-369

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
libjpeg-turbo
Client/Desktop applications / Multimedia software

Vendor: The libjpeg-turbo Project

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to divide by zero error when processing a crafted BMP image. A remote attacker can pass specially crafted file to the application and crash it.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

libjpeg-turbo: 1.5.90

External links
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00015.html
http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00015.html
http://www.securityfocus.com/bid/104543
http://github.com/libjpeg-turbo/libjpeg-turbo/commit/43e84cff1bb2bd8293066f6ac4eb0df61ddddbc6
http://lists.debian.org/debian-lts-announce/2019/01/msg00015.html
http://usn.ubuntu.com/3706-1/
http://usn.ubuntu.com/3706-2/
http://www.tenable.com/security/research/tra-2018-17

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

OpenSUSE Linux update for libjpeg-turbo

Division by zero in libjpeg-turbo (Alpine package)

Multiple vulnerabilities in libjpeg-turbo