CVE-2016-5637 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Project Libbpg

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer4 documents3 sources

Severity

8.8HIGHNVD

OSV8.1

EPSS

0.6%

top 30.22%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apache Zookeeper Libbpg Project Libbpg

Timeline

PublishedJul 15

Latest updateMay 14

Description

The restore_tqb_pixels function in libbpg 0.9.5 through 0.9.7 mishandles the transquant_bypass_enable_flag value, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write) via a crafted BPG image, related to a "type confusion" issue.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages2 packages

▶NVDlibbpg_project/libbpg0.9.5 — 0.9.7

▶Ubuntuapache/zookeeper< 3.4.5+dfsg-1ubuntu0.1~esm1+1

🔴Vulnerability Details

GHSA

GHSA-jgw5-x48h-mm86: The restore_tqb_pixels function in libbpg 0↗2022-05-14

▶

OSV

zookeeper vulnerabilities↗2021-03-15

▶

OSV

CVE-2016-5637: The restore_tqb_pixels function in libbpg 0↗2016-07-15

▶