Heap-based Buffer Overflow in libjpeg-turbo's h2v2_merged_upsample_internal() Function

Heap-based Buffer Overflow in libjpeg-turbo's h2v2_merged_upsample_internal() Function

CVE-2023-2804 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

A heap-based buffer overflow issue was discovered in libjpeg-turbo in h2v2_merged_upsample_internal() function of jdmrgext.c file. The vulnerability can only be exploited with 12-bit data precision for which the range of the sample data type exceeds the valid sample range, hence, an attacker could craft a 12-bit lossless JPEG image that contains out-of-range 12-bit samples. An application attempting to decompress such image using merged upsampling would lead to segmentation fault or buffer overflows, causing an application to crash.

Learn more about our Internal Network Penetration Testing.