Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <20170123030704.GA404@sin.redhat.com>
Date: Mon, 23 Jan 2017 13:38:24 +1030
From: Doran Moppert <dmoppert@...hat.com>
To: oss-security@...ts.openwall.com
Subject: CVE request: lcms2 heap OOB read parsing crafted ICC profile

Originally disclosed on this list in August by Ibrahim El-Sayed, but the
CVE request was unclear so I guess it got lost:

http://seclists.org/oss-sec/2016/q3/288

An out-of-bounds heap read in lcms2 ("Little Colour Management System"),
in the function Type_MLU_Read in cmstypes.c.  This could be triggered by
an untrusted image with a crafted ICC profile.

Fixed in commit:

https://github.com/mm2/Little-CMS/commit/5ca71a7b

lcms2 is fairly bundled in various OpenJDK releases, so distributions
should check carefully whether they use bundled versions, and if so,
whether those have picked up the patch.

Some more information at Red Hat bugzilla:

https://bugzilla.redhat.com/show_bug.cgi?id=1367357


Thanks,

-- 
Doran Moppert
Red Hat Product Security

Content of type "application/pgp-signature" skipped

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.