CVE-2018-20330 — Integer Overflow or Wraparound in Libjpeg-turbo

CWE-190 — Integer Overflow or Wraparound CWE-787 — Out-of-bounds Write CWE-122 — Heap-based Buffer Overflow14 documents8 sources

Severity

8.8HIGHNVD

OSV9.8OSV6.5

EPSS

0.3%

top 43.79%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Libjpeg-turbo Fasterxml Jackson-databind Debian Libjpeg-turbo

Timeline

PublishedDec 21

Latest updateMay 6

Description

The tjLoadImage function in libjpeg-turbo 2.0.1 has an integer overflow with a resultant heap-based buffer overflow via a BMP image because multiplication of pitch and height is mishandled, as demonstrated by tjbench.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages5 packages

▶Alpinelibjpeg-turbo/libjpeg-turbo< 2.0.2-r0+13

▶Ubuntulibjpeg-turbo/libjpeg-turbo< 1.4.2-0ubuntu3.3+1

▶debiandebian/libjpeg-turbo

▶NVDlibjpeg-turbo/libjpeg-turbo2.0.1

▶Ubuntufasterxml/jackson-databind< 2.4.2-3ubuntu0.1~esm2

Patches

Patch: github.com ↗Patch: github.com ↗

🔴Vulnerability Details

GHSA

GHSA-4qq8-w9wg-4qw8: The tjLoadImage function in libjpeg-turbo 2↗2022-05-13

▶

OSV

jackson-databind vulnerabilities↗2021-03-15

▶

OSV

libjpeg-turbo vulnerabilities↗2019-11-13

▶

OSV

CVE-2018-20330: The tjLoadImage function in libjpeg-turbo 2↗2018-12-21

▶

📋Vendor Advisories

Ubuntu

libjpeg-turbo vulnerabilities↗2019-11-13

▶

Red Hat

libjpeg-turbo: heap-based buffer overflow in tjLoadImage↗2018-11-25

▶

Debian

CVE-2018-20330: libjpeg-turbo - The tjLoadImage function in libjpeg-turbo 2.0.1 has an integer overflow with a r...↗2018

▶

📄Research Papers

arXiv

Directed Greybox Fuzzing via Large Language Model↗2025-05-06

▶

arXiv

Dissecting contact tracing apps in the Android platform↗2021-05-21

▶

💬Community

Bugzilla

CVE-2018-20330 mingw-libjpeg-turbo: libjpeg-turbo: heap-based buffer overflow in tjLoadImage [epel-7]↗2019-01-10

▶

Bugzilla

CVE-2018-20330 mingw-libjpeg-turbo: libjpeg-turbo: heap-based buffer overflow in tjLoadImage [fedora-all]↗2019-01-10

▶

Bugzilla

CVE-2018-20330 libjpeg-turbo: heap-based buffer overflow in tjLoadImage↗2019-01-10

▶

Bugzilla

CVE-2018-20330 libjpeg-turbo: heap-based buffer overflow in tjLoadImage [fedora-all]↗2019-01-10

▶