Security update for openexr SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2021:0670-1 Final 1 1 2021-05-05T11:24:32Z current 2021-05-05T11:24:32Z 2021-05-05T11:24:32Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for openexr This update for openexr fixes the following issues: - CVE-2021-23215: Fixed an integer-overflow in Imf_2_5:DwaCompressor:initializeBuffers (bsc#1185216). - CVE-2021-26260: Fixed an Integer-overflow in Imf_2_5:DwaCompressor:initializeBuffers (bsc#1185217). - CVE-2021-20296: Fixed a Null Pointer dereference in Imf_2_5:hufUncompress (bsc#1184355). - CVE-2021-3477: Fixed a Heap-buffer-overflow in Imf_2_5::DeepTiledInputFile::readPixelSampleCounts (bsc#1184353). - CVE-2021-3479: Fixed an Out-of-memory caused by allocation of a very large buffer (bsc#1184354). This update was imported from the SUSE:SLE-15:Update update project. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-2021-670 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/XRXYHURHLDTSCIDOVAICJNNLPZTJP6NQ/ E-Mail link for openSUSE-SU-2021:0670-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1184353 SUSE Bug 1184353 https://bugzilla.suse.com/1184354 SUSE Bug 1184354 https://bugzilla.suse.com/1184355 SUSE Bug 1184355 https://bugzilla.suse.com/1185216 SUSE Bug 1185216 https://bugzilla.suse.com/1185217 SUSE Bug 1185217 https://www.suse.com/security/cve/CVE-2021-20296/ SUSE CVE CVE-2021-20296 page https://www.suse.com/security/cve/CVE-2021-23215/ SUSE CVE CVE-2021-23215 page https://www.suse.com/security/cve/CVE-2021-26260/ SUSE CVE CVE-2021-26260 page https://www.suse.com/security/cve/CVE-2021-3477/ SUSE CVE CVE-2021-3477 page https://www.suse.com/security/cve/CVE-2021-3479/ SUSE CVE CVE-2021-3479 page openSUSE Leap 15.2 libIlmImf-2_2-23-2.2.1-lp152.7.14.1 libIlmImf-2_2-23-32bit-2.2.1-lp152.7.14.1 libIlmImfUtil-2_2-23-2.2.1-lp152.7.14.1 libIlmImfUtil-2_2-23-32bit-2.2.1-lp152.7.14.1 openexr-2.2.1-lp152.7.14.1 openexr-devel-2.2.1-lp152.7.14.1 openexr-doc-2.2.1-lp152.7.14.1 libIlmImf-2_2-23-2.2.1-lp152.7.14.1 as a component of openSUSE Leap 15.2 libIlmImf-2_2-23-32bit-2.2.1-lp152.7.14.1 as a component of openSUSE Leap 15.2 libIlmImfUtil-2_2-23-2.2.1-lp152.7.14.1 as a component of openSUSE Leap 15.2 libIlmImfUtil-2_2-23-32bit-2.2.1-lp152.7.14.1 as a component of openSUSE Leap 15.2 openexr-2.2.1-lp152.7.14.1 as a component of openSUSE Leap 15.2 openexr-devel-2.2.1-lp152.7.14.1 as a component of openSUSE Leap 15.2 openexr-doc-2.2.1-lp152.7.14.1 as a component of openSUSE Leap 15.2 A flaw was found in OpenEXR in versions before 3.0.0-beta. A crafted input file supplied by an attacker, that is processed by the Dwa decompression functionality of OpenEXR's IlmImf library, could cause a NULL pointer dereference. The highest threat from this vulnerability is to system availability. CVE-2021-20296 openSUSE Leap 15.2:libIlmImf-2_2-23-2.2.1-lp152.7.14.1 openSUSE Leap 15.2:libIlmImf-2_2-23-32bit-2.2.1-lp152.7.14.1 openSUSE Leap 15.2:libIlmImfUtil-2_2-23-2.2.1-lp152.7.14.1 openSUSE Leap 15.2:libIlmImfUtil-2_2-23-32bit-2.2.1-lp152.7.14.1 openSUSE Leap 15.2:openexr-2.2.1-lp152.7.14.1 openSUSE Leap 15.2:openexr-devel-2.2.1-lp152.7.14.1 openSUSE Leap 15.2:openexr-doc-2.2.1-lp152.7.14.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/XRXYHURHLDTSCIDOVAICJNNLPZTJP6NQ/ https://www.suse.com/security/cve/CVE-2021-20296.html CVE-2021-20296 https://bugzilla.suse.com/1184354 SUSE Bug 1184354 https://bugzilla.suse.com/1184355 SUSE Bug 1184355 An integer overflow leading to a heap-buffer overflow was found in the DwaCompressor of OpenEXR in versions before 3.0.1. An attacker could use this flaw to crash an application compiled with OpenEXR. CVE-2021-23215 openSUSE Leap 15.2:libIlmImf-2_2-23-2.2.1-lp152.7.14.1 openSUSE Leap 15.2:libIlmImf-2_2-23-32bit-2.2.1-lp152.7.14.1 openSUSE Leap 15.2:libIlmImfUtil-2_2-23-2.2.1-lp152.7.14.1 openSUSE Leap 15.2:libIlmImfUtil-2_2-23-32bit-2.2.1-lp152.7.14.1 openSUSE Leap 15.2:openexr-2.2.1-lp152.7.14.1 openSUSE Leap 15.2:openexr-devel-2.2.1-lp152.7.14.1 openSUSE Leap 15.2:openexr-doc-2.2.1-lp152.7.14.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/XRXYHURHLDTSCIDOVAICJNNLPZTJP6NQ/ https://www.suse.com/security/cve/CVE-2021-23215.html CVE-2021-23215 https://bugzilla.suse.com/1185216 SUSE Bug 1185216 An integer overflow leading to a heap-buffer overflow was found in the DwaCompressor of OpenEXR in versions before 3.0.1. An attacker could use this flaw to crash an application compiled with OpenEXR. This is a different flaw from CVE-2021-23215. CVE-2021-26260 openSUSE Leap 15.2:libIlmImf-2_2-23-2.2.1-lp152.7.14.1 openSUSE Leap 15.2:libIlmImf-2_2-23-32bit-2.2.1-lp152.7.14.1 openSUSE Leap 15.2:libIlmImfUtil-2_2-23-2.2.1-lp152.7.14.1 openSUSE Leap 15.2:libIlmImfUtil-2_2-23-32bit-2.2.1-lp152.7.14.1 openSUSE Leap 15.2:openexr-2.2.1-lp152.7.14.1 openSUSE Leap 15.2:openexr-devel-2.2.1-lp152.7.14.1 openSUSE Leap 15.2:openexr-doc-2.2.1-lp152.7.14.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/XRXYHURHLDTSCIDOVAICJNNLPZTJP6NQ/ https://www.suse.com/security/cve/CVE-2021-26260.html CVE-2021-26260 https://bugzilla.suse.com/1185217 SUSE Bug 1185217 There's a flaw in OpenEXR's deep tile sample size calculations in versions before 3.0.0-beta. An attacker who is able to submit a crafted file to be processed by OpenEXR could trigger an integer overflow, subsequently leading to an out-of-bounds read. The greatest risk of this flaw is to application availability. CVE-2021-3477 openSUSE Leap 15.2:libIlmImf-2_2-23-2.2.1-lp152.7.14.1 openSUSE Leap 15.2:libIlmImf-2_2-23-32bit-2.2.1-lp152.7.14.1 openSUSE Leap 15.2:libIlmImfUtil-2_2-23-2.2.1-lp152.7.14.1 openSUSE Leap 15.2:libIlmImfUtil-2_2-23-32bit-2.2.1-lp152.7.14.1 openSUSE Leap 15.2:openexr-2.2.1-lp152.7.14.1 openSUSE Leap 15.2:openexr-devel-2.2.1-lp152.7.14.1 openSUSE Leap 15.2:openexr-doc-2.2.1-lp152.7.14.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/XRXYHURHLDTSCIDOVAICJNNLPZTJP6NQ/ https://www.suse.com/security/cve/CVE-2021-3477.html CVE-2021-3477 https://bugzilla.suse.com/1184353 SUSE Bug 1184353 https://bugzilla.suse.com/1184354 SUSE Bug 1184354 There's a flaw in OpenEXR's Scanline API functionality in versions before 3.0.0-beta. An attacker who is able to submit a crafted file to be processed by OpenEXR could trigger excessive consumption of memory, resulting in an impact to system availability. CVE-2021-3479 openSUSE Leap 15.2:libIlmImf-2_2-23-2.2.1-lp152.7.14.1 openSUSE Leap 15.2:libIlmImf-2_2-23-32bit-2.2.1-lp152.7.14.1 openSUSE Leap 15.2:libIlmImfUtil-2_2-23-2.2.1-lp152.7.14.1 openSUSE Leap 15.2:libIlmImfUtil-2_2-23-32bit-2.2.1-lp152.7.14.1 openSUSE Leap 15.2:openexr-2.2.1-lp152.7.14.1 openSUSE Leap 15.2:openexr-devel-2.2.1-lp152.7.14.1 openSUSE Leap 15.2:openexr-doc-2.2.1-lp152.7.14.1 important 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/XRXYHURHLDTSCIDOVAICJNNLPZTJP6NQ/ https://www.suse.com/security/cve/CVE-2021-3479.html CVE-2021-3479 https://bugzilla.suse.com/1184354 SUSE Bug 1184354 https://bugzilla.suse.com/1191176 SUSE Bug 1191176