Headline
CVE-2022-29977: Assertion failure in stbi__jpeg_huff_decode, stb_image.h:1894 · Issue #165 · saitoha/libsixel
There is an assertion failure error in stbi__jpeg_huff_decode, stb_image.h:1894 in libsixel img2sixel 1.8.6. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted JPEG file.
There is an assertion failure error in stbi__jpeg_huff_decode, stb_image.h:1894. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted jpg file.
# img2sixel poc -o /tmp/foo
img2sixel: stb_image.h:1894: stbi__jpeg_huff_decode: Assertion `(((j->code_buffer) >> (32 - h->size[c])) & stbi__bmask[h->size[c]]) == h->code[c]' failed.
Aborted (core dumped)
# uname -a
Linux 4a409ce47130 5.4.0-70-generic #78~18.04.1-Ubuntu SMP Sat Mar 20 14:10:07 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux
Related news
CVE-2022-29977: Assertion failure in stbi__jpeg_huff_decode, stb_image.h:1894 · Issue #165 · saitoha/libsixel
There is an assertion failure error in stbi__jpeg_huff_decode, stb_image.h:1894 in libsixel img2sixel 1.8.6. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted JPEG file.