New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
FPE in box.cc - heif::Fraction::round() #794
Comments
|
Thank you |
|
Can I get a CVE for this patch? |
|
I am not familiar with the CVE process. If you want, you can register it yourself. |
|
Thank you for quick response. |
|
FYI, this is CVE-2023-29659 (assigned by Red Hat). |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Tested version:
libheif-1.15.1
Description of the bug:
Floating point exception is triggered when processing a crafted heif image, caused by divide by zero error, which leads to a crash.
This can be used for denial of service attacks.
Steps to reproduce the bug:
Compile with Address Sanitizer (ASan) :
./fuzzer ./poc.heif
Address Sanitizer log:
Please check the attached POC.
POC.zip
The text was updated successfully, but these errors were encountered: