Saturday, September 25, 2021

Huawei EulerOS: CVE-2021-20303: OpenEXR security update

Description
There is a flaw in OpenEXR's dataWindowForTile function. An attacker who is able to submit a crafted file to be processed by OpenEXR could trigger an integer overflow, leading to an out-of-bounds write on the heap. The greatest impact of this flaw is to application availability, with some potential impact to data integrity as well.
Solution(s)
  • huawei-euleros-2_0_sp8-upgrade-openexr-libs


  • References
  • https://attackerkb.com/topics/cve-2021-20303
  • CVE - 2021-20303
  • EulerOS-SA-2021-2477




  •  

    Copyright © 2021 Vulnerability Database | Cyber Details™

    thank you Templateism for the design - You should have written the code a little more complicated - Nothing Encrypted anymore