CVE-2022-34000: Assert failure in jxl::LowMemoryRenderPipeline::Init · Issue #1477 · libjxl/libjxl

libjxl 0.6.1 has an assertion failure in LowMemoryRenderPipeline::Init() in render_pipeline/low_memory_render_pipeline.cc.

CVE

There is an assert failure in libjxl before version 0.6.1 that could cause a denial-of-service attack.

./lib/jxl/render_pipeline/low_memory_render_pipeline.cc:312: JXL_ASSERT: first_image_dim_stage_ == stages_.size() || i >= first_image_dim_stage_
    #0 0x558c6d05047e in __sanitizer_print_stack_trace /fuzz/fuzzdeps/llvm-project-11.0.0/compiler-rt/lib/asan/asan_stack.cpp:86:3
    #1 0x7fd128ed84b8 in jxl::Abort() /libjxl/SRC/lib/jxl/base/status.h:132:3
    #2 0x7fd12976cc2b in jxl::LowMemoryRenderPipeline::Init() /libjxl/SRC/lib/jxl/render_pipeline/low_memory_render_pipeline.cc:311:9
    #3 0x7fd12978248d in jxl::RenderPipeline::Builder::Finalize(jxl::FrameDimensions) && /libjxl/SRC/lib/jxl/render_pipeline/render_pipeline.cc:91:8
    #4 0x7fd1293a62af in jxl::PassesDecoderState::PreparePipeline(jxl::ImageBundle*, jxl::PassesDecoderState::PipelineOptions) /libjxl/SRC/lib/jxl/dec_cache.cc:198:40
    #5 0x7fd1293c5964 in jxl::FrameDecoder::ProcessSections(jxl::FrameDecoder::SectionInfo const*, unsigned long, jxl::FrameDecoder::SectionStatus*) /libjxl/SRC/lib/jxl/dec_frame.cc:775:5
    #6 0x7fd1295aa44a in jxl::(anonymous namespace)::JxlDecoderProcessCodestream(JxlDecoderStruct*, unsigned char const*, unsigned long) /libjxl/SRC/lib/jxl/decode.cc:1555:27
    #7 0x7fd1295aa44a in HandleBoxes(JxlDecoderStruct*) /libjxl/SRC/lib/jxl/decode.cc:2079:11
    #8 0x7fd1295a25da in JxlDecoderProcessInput /libjxl/SRC/lib/jxl/decode.cc:2251:29
    #9 0x558c6d07ed4a in DecodeJpegXlOneShot(unsigned char const*, unsigned long, std::vector<float, std::allocator<float> >*, unsigned long*, unsigned long*, std::vector<unsigned char, std::allocator<unsigned char> >*) /libjxl/SRC/examples/decode_oneshot.cc:58:31
    #10 0x558c6d080317 in main /libjxl/SRC/examples/decode_oneshot.cc:233:8
    #11 0x7fd12892b082 in __libc_start_main /build/glibc-SzIz7B/glibc-2.31/csu/../csu/libc-start.c:308:16
    #12 0x558c6cfa152d in _start (/libjxl/fuzzrun/decode_oneshot+0x1f52d)

[1]    888096 illegal hardware instruction  ./decode_oneshot /tmp/poc /dev/null /dev/null

Related news

Gentoo Linux Security Advisory 202210-36

Gentoo Linux Security Advisory 202210-36 - A vulnerability has been found in libjxl which could result in denial of service. Versions less than 0.7.0_pre20220825 are affected.
