- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201612-55 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: libjpeg-turbo: User-assisted execution of arbitrary code Date: December 31, 2016 Bugs: #585782 ID: 201612-55 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== An out-of-bounds read in libjpeg-turbo might allow remote attackers to execute arbitrary code. Background ========== libjpeg-turbo is a JPEG image codec that uses SIMD instructions (MMX, SSE2, NEON, AltiVec) to accelerate baseline JPEG compression and decompression. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 media-libs/libjpeg-turbo < 1.5.0 >= 1.5.0 Description =========== The accelerated Huffman decoder was previously invoked if there were 128 bytes in the input buffer. However, it is possible to construct a JPEG image with Huffman blocks > 430 bytes in length. This release simply increases the minimum buffer size for the accelerated Huffman decoder to 512 bytes, which should accommodate any possible input. Impact ====== A remote attacker could coerce the victim to run a specially crafted image file resulting in the execution of arbitrary code. Workaround ========== There is no known workaround at this time. Resolution ========== All libjpeg-turbo users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=media-libs/libjpeg-turbo-1.5.0"= References ========== [ 1 ] LJT-01-005 https://wiki.mozilla.org/images/7/77/Libjpeg-turbo-report.pdf [ 2 ] Prevent overread when decoding malformed JPEG https://github.com/libjpeg-turbo/libjpeg-turbo/commit/0463f7c9aad060fcd56= e98d025ce16185279e2bc Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/201612-55 Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2016 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 --IlVxeAD1N5xmUTBP2ukoC0lkxQTxR3OfV--