CVE-2021-23169
Published: 8 June 2021
A heap-buffer overflow was found in the copyIntoFrameBuffer function of OpenEXR in versions before 3.0.1. An attacker could use this flaw to execute arbitrary code with the permissions of the user running the application compiled against OpenEXR.
Notes
Author | Note |
---|---|
mdeslaur | it looks like the fix for this issue actually went into the exrcheck tool used by the fuzzer |
Priority
Status
Package | Release | Status |
---|---|---|
openexr Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(code not present)
|
focal |
Needs triage
|
|
groovy |
Ignored
(end of life)
|
|
hirsute |
Ignored
(end of life)
|
|
impish |
Not vulnerable
(2.5.4-2)
|
|
jammy |
Not vulnerable
(2.5.7-1)
|
|
kinetic |
Not vulnerable
(2.5.7-1)
|
|
lunar |
Not vulnerable
(2.5.7-1)
|
|
mantic |
Not vulnerable
(2.5.7-1)
|
|
noble |
Not vulnerable
(2.5.7-1)
|
|
trusty |
Does not exist
|
|
upstream |
Released
(2.5.4-2)
|
|
xenial |
Not vulnerable
(code not present)
|
|
Patches: upstream: https://github.com/AcademySoftwareFoundation/openexr/commit/ae6d203892cc9311917a7f4f05354ef792b3e58e |
Severity score breakdown
Parameter | Value |
---|---|
Base score | 8.8 |
Attack vector | Network |
Attack complexity | Low |
Privileges required | None |
User interaction | Required |
Scope | Unchanged |
Confidentiality | High |
Integrity impact | High |
Availability impact | High |
Vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |