CVE-2017-12603

Name of the Vulnerable Software and Affected Versions: OpenCV versions through 3.3

Description: The issue is related to an invalid write in the cv::RLByteStream::getBytes function in modules/imgcodecs/src/bitstrm.cpp when reading an image file using cv::imread. This can lead to a buffer overflow, potentially allowing a remote attacker to access confidential data, compromise data integrity, and cause a denial of service.

Recommendations: For OpenCV versions through 3.3, as a temporary workaround, consider disabling the cv::RLByteStream::getBytes function until a patch is available. Restrict access to the modules/imgcodecs/src/bitstrm.cpp module to minimize the risk of exploitation. Avoid using the cv::imread function to read image files until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.