#VU99286 Out-of-bounds write in libheif - CVE-2024-41311

Cybersecurity Help s.r.o.

Published: 2024-10-23

Vulnerability identifier: #VU99286

Vulnerability risk: High

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2024-41311

CWE-ID: CWE-787

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
libheif
Other software / Other software solutions

Vendor: struktur AG

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a boundary error when processing untrusted input within the ImageOverlay::parse() in context.cc. A remote attacker can create a specially crafted image file, trick the victim into opening it using the affected software, trigger an out-of-bounds write and execute arbitrary code on the target system.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

libheif: 1.0.0 - 1.17.6

External links
https://github.com/strukturag/libheif/issues/1226
https://github.com/strukturag/libheif/pull/1227
https://github.com/strukturag/libheif/commit/a3ed1b1eb178c5d651d6ac619c8da3d71ac2be36
https://gist.github.com/flyyee/79f1b224069842ee320115cafa5c35c0

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Fedora 41 update for libheif

Fedora 40 update for libheif

SUSE update for libheif

Debian update for libheif

Ubuntu update for libheif

Remote code execution in Libheif