[Pkg-phototools-devel] Bug#1014828: openexr: CVE-2021-3933 CVE-2021-3941 CVE-2021-45942
Moritz Mühlenhoff
jmm at inutil.org
Tue Jul 12 20:29:40 BST 2022
Source: openexr
X-Debbugs-CC: team at security.debian.org
Severity: grave
Tags: security
Hi,
The following vulnerabilities were published for openexr.
CVE-2021-3933[0]:
| An integer overflow could occur when OpenEXR processes a crafted file
| on systems where size_t < 64 bits. This could cause an invalid
| bytesPerLine and maxBytesPerLine value, which could lead to problems
| with application stability or lead to other attack paths.
https://bugzilla.redhat.com/show_bug.cgi?id=2019783
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=38912
Fixed by: https://github.com/AcademySoftwareFoundation/openexr/commit/5a0adf1aba7d41c6b94ba167c0c4308d2eecfd17
CVE-2021-3941[1]:
| In ImfChromaticities.cpp routine RGBtoXYZ(), there are some division
| operations such as `float Z = (1 - chroma.white.x - chroma.white.y) *
| Y / chroma.white.y;` and `chroma.green.y * (X + Z))) / d;` but the
| divisor is not checked for a 0 value. A specially crafted file could
| trigger a divide-by-zero condition which could affect the availability
| of programs linked with OpenEXR.
https://bugzilla.redhat.com/show_bug.cgi?id=2019789
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=39084
https://github.com/AcademySoftwareFoundation/openexr/pull/1153
Fixed by: https://github.com/AcademySoftwareFoundation/openexr/commit/a0cfa81153b2464b864c5fe39a53cb03339092ed
CVE-2021-45942[2]:
| OpenEXR 3.1.x before 3.1.4 has a heap-based buffer overflow in
| Imf_3_1::LineCompositeTask::execute (called from
| IlmThread_3_1::NullThreadPoolProvider::addTask and
| IlmThread_3_1::ThreadPool::addGlobalTask). NOTE: db217f2 may be
| inapplicable.
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=41416
https://github.com/AcademySoftwareFoundation/openexr/pull/1209
https://github.com/AcademySoftwareFoundation/openexr/commit/11cad77da87c4fa2aab7d58dd5339e254db7937e
If you fix the vulnerabilities please also make sure to include the
CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2021-3933
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3933
[1] https://security-tracker.debian.org/tracker/CVE-2021-3941
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3941
[2] https://security-tracker.debian.org/tracker/CVE-2021-45942
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45942
Please adjust the affected versions in the BTS as needed.
More information about the Pkg-phototools-devel
mailing list