CVE-2020-17541

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Libjpeg-turbo versions (affected versions not specified)

Description The issue is related to a stack-based buffer overflow in the transform component of Libjpeg-turbo. A remote attacker can exploit this by sending a malformed jpeg file, potentially leading to arbitrary code execution or denial of service. The exploitation may also allow the attacker to access confidential data, compromise its integrity, and cause service disruption.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787

Related Identifiers

ALSA-2021:4288

ALT-PU-2020-1130

ALT-PU-2020-2252

ALT-PU-2021-1392

ALT-PU-2021-3093

AZL-6637

BDU:2023-07622

CESA-2021_4288

CVE-2020-17541

OPENSUSE-SU-2021:0892-1

OPENSUSE-SU-2021:1958-1

OPENSUSE-SU-2021_0892-1

OPENSUSE-SU-2021_1958-1

RHSA-2021:4288

RHSA-2021_4288

RLSA-2021:4288

SUSE-SU-2021:1957-1

SUSE-SU-2021:1958-1

SUSE-SU-2021_1957-1

SUSE-SU-2021_1958-1

USN-5553-1

USN-5631-1

Affected Products

Alt Linux

Almalinux

Astra Linux

Centos

Libjpeg-Turbo

Linuxmint

Red Hat

Rocky Linux

Suse

Ubuntu

CVE-2020-17541

Weakness Enumeration

Related Identifiers

Affected Products

References · 45