Libjpeg-turbo all version have a stack-based buffer overflow in the "transform" component. A remote attacker can send a malformed jpeg file to the service and cause arbitrary code execution or denial of service of the target service.
{ "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro", "ubuntu_priority": "low", "binaries": [ { "libjpeg-turbo8-dbg": "1.3.0-0ubuntu2.1+esm2", "libjpeg-turbo-test-dbgsym": "1.3.0-0ubuntu2.1+esm2", "libjpeg-turbo-progs": "1.3.0-0ubuntu2.1+esm2", "libjpeg-turbo-test": "1.3.0-0ubuntu2.1+esm2", "libturbojpeg": "1.3.0-0ubuntu2.1+esm2", "libjpeg-turbo8-dev-dbgsym": "1.3.0-0ubuntu2.1+esm2", "libjpeg-turbo8-dev": "1.3.0-0ubuntu2.1+esm2", "libjpeg-turbo8-dbgsym": "1.3.0-0ubuntu2.1+esm2", "libjpeg-turbo8": "1.3.0-0ubuntu2.1+esm2", "libjpeg-turbo-progs-dbgsym": "1.3.0-0ubuntu2.1+esm2", "libturbojpeg-dbgsym": "1.3.0-0ubuntu2.1+esm2" } ] }
{ "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro", "ubuntu_priority": "low", "binaries": [ { "libjpeg-turbo8-dbg": "1.4.2-0ubuntu3.4+esm1", "libjpeg-turbo-test-dbgsym": "1.4.2-0ubuntu3.4+esm1", "libjpeg-turbo-progs": "1.4.2-0ubuntu3.4+esm1", "libjpeg-turbo-test": "1.4.2-0ubuntu3.4+esm1", "libturbojpeg": "1.4.2-0ubuntu3.4+esm1", "libjpeg-turbo8-dev-dbgsym": "1.4.2-0ubuntu3.4+esm1", "libjpeg-turbo8-dev": "1.4.2-0ubuntu3.4+esm1", "libjpeg-turbo8-dbgsym": "1.4.2-0ubuntu3.4+esm1", "libjpeg-turbo8": "1.4.2-0ubuntu3.4+esm1", "libjpeg-turbo-progs-dbgsym": "1.4.2-0ubuntu3.4+esm1", "libturbojpeg-dbgsym": "1.4.2-0ubuntu3.4+esm1" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "low", "binaries": [ { "libjpeg-turbo8-dbg": "1.5.2-0ubuntu5.18.04.6", "libjpeg-turbo-test-dbgsym": "1.5.2-0ubuntu5.18.04.6", "libjpeg-turbo-progs": "1.5.2-0ubuntu5.18.04.6", "libjpeg-turbo-test": "1.5.2-0ubuntu5.18.04.6", "libturbojpeg": "1.5.2-0ubuntu5.18.04.6", "libjpeg-turbo8-dev": "1.5.2-0ubuntu5.18.04.6", "libturbojpeg0-dev": "1.5.2-0ubuntu5.18.04.6", "libjpeg-turbo8": "1.5.2-0ubuntu5.18.04.6", "libjpeg-turbo-progs-dbgsym": "1.5.2-0ubuntu5.18.04.6", "libturbojpeg-dbgsym": "1.5.2-0ubuntu5.18.04.6" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "low", "binaries": [ { "libjpeg-turbo8-dbg": "2.0.3-0ubuntu1.20.04.3", "libjpeg-turbo-test-dbgsym": "2.0.3-0ubuntu1.20.04.3", "libjpeg-turbo-progs": "2.0.3-0ubuntu1.20.04.3", "libjpeg-turbo-test": "2.0.3-0ubuntu1.20.04.3", "libturbojpeg": "2.0.3-0ubuntu1.20.04.3", "libjpeg-turbo8-dev": "2.0.3-0ubuntu1.20.04.3", "libturbojpeg0-dev": "2.0.3-0ubuntu1.20.04.3", "libjpeg-turbo8": "2.0.3-0ubuntu1.20.04.3", "libjpeg-turbo-progs-dbgsym": "2.0.3-0ubuntu1.20.04.3", "libturbojpeg-dbgsym": "2.0.3-0ubuntu1.20.04.3" } ] }