Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

Mageia 8 MGASA-2023-0144 Moderate: Libheif Buffer Overflow Exploit

mageia
Calendar Grey April 15, 2023
Dist Mageia Esm H88
Mageia 2023-0145 has issued a security patch rectifying a critical vulnerability in the libjpeg library. Learn more details inside!
Vulnerability in the strided image data parsing code in the emscripten wrapper for libheif

Summary

Vulnerability in the strided image data parsing code in the emscripten wrapper for libheif. An attacker could exploit this through a crafted image file to cause a buffer overflow in linear memory during a memcpy call. (CVE-2023-0996)

References

- https://bugs.mageia.org/show_bug.cgi?id=31768

- https://lists.suse.com/pipermail/sle-security-updates/2023-April/014381.html

- https://bugzilla.suse.com/show_bug.cgi?id=1208640

- https://www.cve.org/CVERecord?id=CVE-2023-0996

Topics%20covered

Topics Covered

security advisory buffer overflow exploit image processing mageia libheif

Resolution

SRPMS

- 8/core/libheif-1.10.0-1.2.mga8

- 8/tainted/libheif-1.10.0-1.2.mga8.tainted

Severity
important
Lowest
Low
Medium
High
Critical

Publication date: 15 Apr 2023
URL: https://advisories.mageia.org/MGASA-2023-0144.html
Type: security
CVE: CVE-2023-0996

Topics%20covered

Topics Covered

security advisory buffer overflow exploit image processing mageia libheif

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here