SB2021040603 - Multiple vulnerabilities in OpenEXR
Published: April 6, 2021 Updated: May 18, 2021
Description
This security bulletin contains information about 7 security vulnerabilities.
1) Integer overflow (CVE-ID: CVE-2021-3476)
The vulnerability allows a remote attacker to perform a denial of service (DoS) on the target system.
The vulnerability exists due to an integer overflow in the B44 uncompression functionality. A remote attacker can pass a specially crafted file, trigger the integer overflow and cause a denial of service condition on the target system.
2) NULL pointer dereference (CVE-ID: CVE-2021-20296)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error in the Dwa decompression functionality. A remote attacker can pass specially crafted data to the application and perform a denial of service (DoS) attack.
3) Resource exhaustion (CVE-ID: CVE-2021-3479)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists because the application does not properly control consumption of internal resources within the Scanline API functionality. A remote attacker can use a specially crafted file, trigger resource exhaustion and perform a denial of service (DoS) attack.
4) Resource exhaustion (CVE-ID: CVE-2021-3478)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists because the application does not properly control consumption of internal resources in the scanline input file functionality. A remote attacker can use a specially crafted file, trigger resource exhaustion and perform a denial of service (DoS) attack.
5) Out-of-bounds read (CVE-ID: CVE-2021-3477)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary condition within the deep tile sample size calculations. A remote attacker can create a specially crafted file, trigger an out-of-bounds read and read the contents of memory on the system.
6) Integer overflow (CVE-ID: CVE-2021-3475)
The vulnerability allows a remote attacker to perform a denial of service (DoS) on the target system.
The vulnerability exists due to an integer overflow. A remote attacker can pass a specially crafted file, trigger the integer overflow and cause a denial of service condition on the target system.
7) Integer overflow (CVE-ID: CVE-2021-3474)
The vulnerability allows a remote attacker to perform a denial of service (DoS) on the target system.
The vulnerability exists due to an integer overflow in the FastHufDecoder. A remote attacker can pass a specially crafted file, trigger the integer overflow and cause a denial of service condition on the target system.
Remediation
Install the update from the vendor's website.
References
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=24787
- https://bugzilla.redhat.com/show_bug.cgi?id=1939145
- https://github.com/AcademySoftwareFoundation/openexr/releases/tag/v2.4.3
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=24854
- https://bugzilla.redhat.com/show_bug.cgi?id=1939141
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=25370
- https://bugzilla.redhat.com/show_bug.cgi?id=1939149
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=27409
- https://bugzilla.redhat.com/show_bug.cgi?id=1939160
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=26956
- https://bugzilla.redhat.com/show_bug.cgi?id=1939159
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=25297
- https://bugzilla.redhat.com/show_bug.cgi?id=1939144
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=24831
- https://bugzilla.redhat.com/show_bug.cgi?id=1939142