CVE-2022-41838

A code execution vulnerability exists in the DDS scanline parsing functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially-crafted .dds can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability.

CVSS v3 9.8 CRITICAL

9.8^/10

CVSS v3 : CRITICAL

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://security.gentoo.org/glsa/202305-33
https://talosintelligence.com/vulnerability_reports/TALOS-2022-1634	Exploit Third Party Advisory
https://www.debian.org/security/2023/dsa-5384	Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:openimageio:openimageio:2.4.4.2:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*

History

30 May 2023, 06:15

Type	Values Removed	Values Added
References		(MISC) https://security.gentoo.org/glsa/202305-33 -

15 May 2023, 15:02

Type	Values Removed	Values Added
CPE		cpe:2.3:o:debian:debian_linux:11.0:::::::* cpe:2.3:a:openimageio:openimageio:2.4.4.2:::::::*
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 9.8
References		(MISC) https://www.debian.org/security/2023/dsa-5384 - Third Party Advisory
References	~~(MISC) https://talosintelligence.com/vulnerability_reports/TALOS-2022-1634 -~~	(MISC) https://talosintelligence.com/vulnerability_reports/TALOS-2022-1634 - Exploit, Third Party Advisory

22 Dec 2022, 22:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2022-12-22 22:15

Updated : 2024-02-04 23:14

NVD link : CVE-2022-41838

Mitre link : CVE-2022-41838

CVE.ORG link : CVE-2022-41838

JSON object : View

Products Affected

openimageio

openimageio

debian

debian_linux

CWE

CWE-122

Heap-based Buffer Overflow

CWE-787

Out-of-bounds Write

{"id": "CVE-2022-41838", "metrics": {"cvssMetricV30": [{"type": "Secondary", "source": "talos-cna@cisco.com", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2022-12-22T22:15:15.690", "references": [{"url": "https://security.gentoo.org/glsa/202305-33", "source": "talos-cna@cisco.com"}, {"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1634", "tags": ["Exploit", "Third Party Advisory"], "source": "talos-cna@cisco.com"}, {"url": "https://www.debian.org/security/2023/dsa-5384", "tags": ["Third Party Advisory"], "source": "talos-cna@cisco.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "talos-cna@cisco.com", "description": [{"lang": "en", "value": "CWE-122"}]}, {"type": "Secondary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-787"}]}], "descriptions": [{"lang": "en", "value": "A code execution vulnerability exists in the DDS scanline parsing functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially-crafted .dds can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability."}, {"lang": "es", "value": "Existe una vulnerabilidad de ejecuci\u00f3n de c\u00f3digo en la funcionalidad de an\u00e1lisis de l\u00ednea de exploraci\u00f3n DDS de OpenImageIO Project OpenImageIO v2.4.4.2. Un .dds especialmente manipulado puede provocar un desbordamiento de b\u00fafer de almacenamiento din\u00e1mico. Un atacante puede proporcionar un archivo malicioso para desencadenar esta vulnerabilidad."}], "lastModified": "2023-05-30T06:15:23.700", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:openimageio:openimageio:2.4.4.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "68FA2862-ED3E-4743-AFB0-0D23977A805D"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED"}], "operator": "OR"}]}], "sourceIdentifier": "talos-cna@cisco.com"}