Kaldreic

#39138 of 53,633
7.1 Total CVSS
Vulnerabilities · 1
PT-2025-53782
7.1
2025-12-29
Libheif · Libheif · CVE-2025-68431
**Name of the Vulnerable Software and Affected Versions**

libheif versions prior to 1.21.0

**Description**

libheif is a decoder and encoder for the HEIF and AVIF file formats. A specially crafted HEIF file that uses the overlay image item path can cause a heap buffer over-read in the `HeifPixelImage::overlay()` function. The function computes a negative row length; when that value is converted to `size_t` it underflows, and the resulting oversized length is passed to a `memcpy` operation. The copy then reads past the end of the source plane and crashes the process. The vulnerable function is `HeifPixelImage::overlay()`.

**Recommendations**

Update to version 1.21.0 or later. As a temporary workaround, avoid decoding images that use `iovl` overlay boxes.