Vulnerability Details : CVE-2024-11403
There exists an out of bounds read/write in LibJXL versions prior to commit 9cc451b91b74ba470fd72bd48c121e9f33d24c99. The JPEG decoder used by the JPEG XL encoder when doing JPEG recompression (i.e. if using JxlEncoderAddJPEGFrame on untrusted input) does not properly check bounds in the presence of incomplete codes. This could lead to an out-of-bounds write. In jpegli which is released as part of the same project, the same vulnerability is present. However, the relevant buffer is part of a bigger structure, and the code makes no assumptions on the values that could be overwritten. The issue could however cause jpegli to read uninitialised memory, or addresses of functions.
Products affected by CVE-2024-11403
Please log in to view affected product information.
Exploit prediction scoring system (EPSS) score for CVE-2024-11403
0.05%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 14 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2024-11403
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
6.9
|
MEDIUM | CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:P/VC:H/VI:N/V... |
N/A
|
N/A
|
Google Inc. | 2024-11-25 |
|
6.9
|
MEDIUM | CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:P/VC:H/VI:N/V... |
N/A
|
N/A
|
Google Inc. | 2024-11-25 |
CWE ids for CVE-2024-11403
-
The product reads data past the end, or before the beginning, of the intended buffer.Assigned by:
- 14ed7db2-1595-443d-9d34-6215bf890778 (Primary)
- cve-coordination@google.com (Secondary)
-
The product writes data past the end, or before the beginning, of the intended buffer.Assigned by:
- 14ed7db2-1595-443d-9d34-6215bf890778 (Primary)
- cve-coordination@google.com (Secondary)
References for CVE-2024-11403
-
https://github.com/libjxl/libjxl/commit/9cc451b91b74ba470fd72bd48c121e9f33d24c99
Port the Huffman lookup table size fix from brunsli. (#3871) · libjxl/libjxl@9cc451b · GitHub
Jump to