#VU34467 Out-of-bounds write in OpenEXR


Published: 2020-04-15 | Updated: 2020-08-08

Vulnerability identifier: #VU34467

Vulnerability risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-11763

CWE-ID: CWE-787

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
OpenEXR
Client/Desktop applications / Multimedia software

Vendor: OpenEXR

Description

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

An issue was discovered in OpenEXR before 2.4.1. There is an std::vector out-of-bounds read and write, as demonstrated by ImfTileOffsets.cpp.

Mitigation
Install update from vendor's website.

Vulnerable software versions

OpenEXR: 2.4.0

External links
http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00051.html
http://bugs.chromium.org/p/project-zero/issues/detail?id=1987
http://github.com/AcademySoftwareFoundation/openexr/blob/master/CHANGES.md#version-241-february-11-2020
http://github.com/AcademySoftwareFoundation/openexr/releases/tag/v2.4.1
http://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F4KFGDQG5PVYAU7TS5MZ7XCS6EMPVII3/
http://usn.ubuntu.com/4339-1/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Multiple vulnerabilities in Dell EMC Data Computing Appliance (DCA)
openEuler 20.03 LTS SP1 update for OpenEXR
Gentoo update for OpenEXR
Red Hat Enterprise Linux 7 update for OpenEXR
Debian update for openexr
OpenSUSE Linux update for openexr
Multiple vulnerabilities in OpenEXR