SEGV in jbig2enc #85
Comments
|
This seems to be CVE-2023-46363 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
{{ message }}
SEGV in jbig2enc
Description
jbig2enc v0.28 was discovered to contain a SEGV via jbig2_add_page in src/jbig2enc.cc:512. This vulnerability can lead to a Denial of Service (DoS).
ASAN Log
./src/jbig2 -s -S -p -v -d -2 -O out.png Poc2jbig2enc
AddressSanitizer:DEADLYSIGNAL ================================================================= ==2937923==ERROR: AddressSanitizer: SEGV on unknown address 0x62f00df00400 (pc 0x7ffff7267108 bp 0x6060000000e0 sp 0x7fffffffe0e0 T0) ==2937923==The signal is caused by a READ memory access. #0 0x7ffff7267107 in pixSetPadBits (/lib/x86_64-linux-gnu/liblept.so.5+0x12e107) #1 0x7ffff71c93f4 in pixConnCompPixa (/lib/x86_64-linux-gnu/liblept.so.5+0x903f4) #2 0x7ffff72262d8 in jbGetComponents (/lib/x86_64-linux-gnu/liblept.so.5+0xed2d8) #3 0x7ffff72289eb in jbAddPage (/lib/x86_64-linux-gnu/liblept.so.5+0xef9eb) #4 0x5555555633ad in jbig2_add_page(jbig2ctx*, Pix*) /test2/jbig2enc/src/jbig2enc.cc:512 #5 0x55555555f408 in main /test2/jbig2enc/src/jbig2.cc:482 #6 0x7ffff6c1f082 in __libc_start_main ../csu/libc-start.c:308 #7 0x55555555bf4d in _start (/test2/jbig2enc/src/jbig2+0x7f4d) AddressSanitizer can not provide additional info. SUMMARY: AddressSanitizer: SEGV (/lib/x86_64-linux-gnu/liblept.so.5+0x12e107) in pixSetPadBits ==2937923==ABORTINGReproduction
PoC
Poc2jbig2enc: https://github.com/Frank-Z7/z-vulnerabilitys/blob/main/Poc2jbig2enc
Version
Reference
https://github.com/agl/jbig2enc
Environment
Credit
Zeng Yunxiang
The text was updated successfully, but these errors were encountered: