PT-2013-1155 · Libjpeg Turbo Developers+10 · Libjpeg-Turbo+10

Michal Zalewski

Published

2013-11-12

Updated

2024-12-12

CVE-2013-6629

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions libjpeg versions 6b libjpeg-turbo versions 1.2.1 through 1.3.0

Description The issue is related to the handling of JPEG images, which can lead to the disclosure of sensitive information from uninitialized memory locations. This can be exploited remotely. The get sos function in jdmarker.c does not check for certain duplications of component data during the reading of segments that follow Start Of Scan (SOS) JPEG markers. An information disclosure vulnerability exists within the open-source libjpeg image-processing library where it fails to properly handle objects in memory, allowing an attacker to retrieve information that could lead to an Address Space Layout Randomization (ASLR) bypass.

Recommendations For libjpeg version 6b, update to a version that fixes the vulnerability. For libjpeg-turbo versions 1.2.1 through 1.3.0, update to a version that fixes the vulnerability. As a temporary workaround, consider disabling the handling of JPEG images until a patch is available. Restrict access to the vulnerable library to minimize the risk of exploitation.

Exploit

Fix

RCE

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200CWE-189

Related Identifiers

ALT-PU-2013-1119

ALT-PU-2013-1324

ALT-PU-2013-1333

ALT-PU-2013-1334

ALT-PU-2014-1201

BDU:2015-06136

BDU:2015-06137

BDU:2015-06138

BDU:2015-06139

BDU:2015-07110

BDU:2015-07111

BDU:2015-07112

BDU:2015-09076

BDU:2015-09077

BDU:2015-09078

BDU:2015-09079

BDU:2015-09080

BDU:2015-09081

BDU:2015-09082

CESA-2013_1803

CVE-2013-6629

DSA-2799-1

DSA-2923-1

HPSBUX03091

HPSBUX03092

MGASA-2013-0324

MGASA-2013-0333

OPENSUSE-SU-2013_1776-1

OPENSUSE-SU-2013_1777-1

OPENSUSE-SU-2013_1861-1

OPENSUSE-SU-2013_1871-1

OPENSUSE-SU-2014_1100-1

OPENSUSE-SU-2024:10071-1

OPENSUSE-SU-2024:10171-1

OPENSUSE-SU-2024:10218-1

OPENSUSE-SU-2024:10230-1

OPENSUSE-SU-2024:10534-1

OPENSUSE-SU-2024:12948-1

OPENSUSE-SU-2024:14572-1

RHSA-2013:1803

RHSA-2013:1804

RHSA-2013_1803

RHSA-2013_1804

RHSA-2014:0412

RHSA-2014:0413

RHSA-2014:0414

RHSA-2014:0486

RHSA-2014:0508

RHSA-2014:0509

RHSA-2014:0705

RHSA-2014:0982

RHSA-2014_0412

RHSA-2014_0413

RHSA-2014_0414

RHSA-2014_0486

RHSA-2014_0508

RHSA-2014_0509

RHSA-2014_0705

SUSE-SU-2014_0639-1

SUSE-SU-2014_0728-2

SUSE-SU-2014_0728-3

SUSE-SU-2014_0732-1

SUSE-SU-2014_0733-1

SUSE-SU-2014_0733-2

SUSE-SU-2015:0336-1

SUSE-SU-2015:0343-1

SUSE-SU-2015:0343-2

SUSE-SU-2015:0344-1

SUSE-SU-2015:0392-1

SUSE-SU-2015:0833-1

SUSE-SU-2015:1086-1

SUSE-SU-2015:1086-2

SUSE-SU-2015:1086-3

SUSE-SU-2015:1086-4

Affected Products

Alt Linux

Centos

Google Chrome

Hp-Ux

Ibm Aix

Java Platform

Red Hat

Suse

Windows

Libjpeg

Libjpeg-Turbo

PT-2013-1155 · Libjpeg Turbo Developers+10 · Libjpeg-Turbo+10

CVE-2013-6629

Weakness Enumeration

Related Identifiers

Affected Products

References · 6286