CVE-2015-8396

Name of the Vulnerable Software and Affected Versions Grassroots DICOM (aka GDCM) versions prior to 2.6.2

Description The issue is related to an integer overflow in the ImageRegionReader::ReadIntoBuffer function, which can be triggered by crafted header dimensions in a DICOM image file. This can lead to a buffer overflow, potentially allowing attackers to execute arbitrary code.

Recommendations For versions prior to 2.6.2, update to version 2.6.2 or later to resolve the issue. As a temporary workaround, consider restricting the use of the ImageRegionReader::ReadIntoBuffer function until a patch is available. Avoid processing untrusted or crafted DICOM image files with vulnerable versions of the software.