Packages

  • Status Researching
  • Percent Complete
    0%
  • Task Type Security Issue
  • Category Any
  • Assigned To
    Márcio Silva
    André Silva
  • Operating System Hyperbola GNU/Linux-libre
  • Severity Critical
  • Priority Medium
  • Reported Version Milky Way v0.3
  • Due in Version Starfix
  • Due Date Undecided
  • Votes
  • Private
Attached to Project: Packages
Opened by bugmen0t - 18/11/2019
Last edited by Damián - 21/11/2019

FS#1482 - [libjpeg-turbo] CVE-2019-2201

In generate_jsimd_ycc_rgb_convert_neon of jsimd_arm64_neon.S, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is needed for exploitation

https://security-tracker.debian.org/tracker/CVE-2019-2201

Patch: https://github.com/libjpeg-turbo/libjpeg-turbo/issues/388

Date User Effort (H:M)

Loading...

Available keyboard shortcuts

Tasklist

Task Details

Task Editing