CVE-2021-45942

OpenEXR 3.1.x before 3.1.4 has a heap-based buffer overflow in Imf31::LineCompositeTask::execute (called from IlmThread31::NullThreadPoolProvider::addTask and IlmThread31::ThreadPool::addGlobalTask). NOTE: db217f2 may be inapplicable.

References

Affected packages

Git / github.com/academysoftwarefoundation/openexr

Affected ranges

Type: GIT
Repo: https://github.com/academysoftwarefoundation/openexr
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

11cad77da87c4fa2aab7d58dd5339e254db7937e

Fixed

db217f29dfb24f6b4b5100c24ac5e7490e1c57d0

Fixed

e94d82b2165da4e2af167aa74630906202e3d43b

Affected versions

Other

OPENEXR_1_0_4

v1.*

v1.7.1

v2.*

v2.0.0

v2.0.0.GM

v2.0.0.beta.1

v2.0.0.beta.2

v2.0.1

v2.1.0

v2.2.0

v2.3.0

v2.4.0

v2.4.0-beta.1

v2.5.0

v3.*

v3.0.0-beta

v3.1.0

v3.1.0-rc1

v3.1.1

v3.1.1-rc

v3.1.2

v3.1.2-rc

v3.1.2-rc2

v3.1.3

v3.1.3-rc

Database specific

vanir_signatures

[
    {
        "digest": {
            "line_hashes": [
                "91325097609538975938839288582012065129",
                "253262582701365962304054289157660516177",
                "311902830990348950937288566678359618339",
                "276586492905127154042036174912484144033",
                "188831020824104559036523858955344443108",
                "161704828430724978381240602373035083082",
                "278371039388581491327703370562709045406",
                "266711709169808084797339884642694441415",
                "296893220345172727778302497048130209817",
                "316457263467203110643778627538681938526",
                "205303340487489424337040860361738762156"
            ],
            "threshold": 0.9
        },
        "id": "CVE-2021-45942-23c168f3",
        "source": "https://github.com/academysoftwarefoundation/openexr/commit/db217f29dfb24f6b4b5100c24ac5e7490e1c57d0",
        "signature_version": "v1",
        "deprecated": false,
        "target": {
            "file": "src/lib/OpenEXR/ImfDeepScanLineInputFile.cpp"
        },
        "signature_type": "Line"
    },
    {
        "digest": {
            "function_hash": "261060456331839676951654666103115895398",
            "length": 3393.0
        },
        "id": "CVE-2021-45942-5f0097db",
        "source": "https://github.com/academysoftwarefoundation/openexr/commit/db217f29dfb24f6b4b5100c24ac5e7490e1c57d0",
        "signature_version": "v1",
        "deprecated": false,
        "target": {
            "function": "readSampleCountForLineBlock",
            "file": "src/lib/OpenEXR/ImfDeepScanLineInputFile.cpp"
        },
        "signature_type": "Function"
    },
    {
        "digest": {
            "line_hashes": [
                "316721967187106063181695801990944930618",
                "94654718054767645311657229282167205772",
                "112344748540393282297725007213985904054",
                "71949429348040882983664868528521426691"
            ],
            "threshold": 0.9
        },
        "id": "CVE-2021-45942-69e046d7",
        "source": "https://github.com/academysoftwarefoundation/openexr/commit/11cad77da87c4fa2aab7d58dd5339e254db7937e",
        "signature_version": "v1",
        "deprecated": false,
        "target": {
            "file": "src/lib/OpenEXR/ImfCompositeDeepScanLine.cpp"
        },
        "signature_type": "Line"
    },
    {
        "digest": {
            "function_hash": "262584198376023626102395360950088918721",
            "length": 761.0
        },
        "id": "CVE-2021-45942-efaf5dcd",
        "source": "https://github.com/academysoftwarefoundation/openexr/commit/11cad77da87c4fa2aab7d58dd5339e254db7937e",
        "signature_version": "v1",
        "deprecated": false,
        "target": {
            "function": "CompositeDeepScanLine::setFrameBuffer",
            "file": "src/lib/OpenEXR/ImfCompositeDeepScanLine.cpp"
        },
        "signature_type": "Function"
    }
]