PT-2023-1886 · Libheif+5 · Libheif+5

Eugene Lim

Publicado

2023-02-23

Atualizado

2025-03-11

CVE-2023-0996

CVSS v3.1

7.8

Alta

Vetor

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions libheif (affected versions not specified)

Description The issue is related to the strided image data parsing code in the emscripten wrapper for libheif. An attacker could exploit this through a crafted image file to cause a buffer overflow in linear memory during a memcpy() call. This can lead to a denial of service.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Buffer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-120

Identificadores relacionados

ALT-PU-2023-1389

BDU:2023-01487

CVE-2023-0996

DLA-3945-1

MGASA-2023-0144

OPENSUSE-SU-2024:14579-1

SUSE-SU-2023:1766-1

USN-6847-1

Produtos afetados

Alt Linux

Astra Linux

Linuxmint

Red Os

Ubuntu

Libheif

PT-2023-1886 · Libheif+5 · Libheif+5

CVE-2023-0996

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 41