#VU76229 Division by zero in libheif - CVE-2023-29659

Cybersecurity Help s.r.o.

Published: 2023-05-16

Vulnerability identifier: #VU76229

Vulnerability risk: Medium

CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2023-29659

CWE-ID: CWE-369

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
libheif
Other software / Other software solutions

Vendor: struktur AG

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a floating point exception within the heif::Fraction::round() function in box.cc. A remote attacker can perform a denial of service (DoS) attack.

Mitigation
Install update from vendor's website.

Vulnerable software versions

libheif: 1.0.0 - 1.15.1

External links
http://github.com/strukturag/libheif/issues/794
http://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CKAE6NQBA3Q7GS6VTNDZRZZZVPPEFUEZ/
http://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LGKHDCS4HRZE3UGXYYDYPTIPNIBRLQ5L/
http://github.com/advisories/GHSA-22fx-6r9m-r8h9

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Debian update for libheif

Ubuntu update for libheif

Fedora 37 update for libheif

Fedora 36 update for libheif

SUSE update for libheif

Denial of service in libheif