| عنوان | strukturag libheif 1.21.2 Out-of-Bounds Read |
|---|
| الوصف | This vulnerability is a sequence–track consistency validation flaw in libheif. A crafted file can declare more samples in stsz/stts than are actually covered by stsc. Track::load fails to reject this inconsistent state, allowing it to propagate. As a result, Track::init_sample_timing_table may compute an out-of-range chunkIdx, and Track_Visual::decode_next_image_sample subsequently dereferences m_chunks[chunkIdx] without proper bounds checking. This leads to a heap out-of-bounds read and a process crash (DoS). |
|---|
| المصدر | ⚠️ https://github.com/strukturag/libheif/issues/1715 |
|---|
| المستخدم | Niebelungen (UID 95430) |
|---|
| ارسال | 24/02/2026 11:34 AM (4 أشهر منذ) |
|---|
| الاعتدال | 11/03/2026 01:03 PM (15 days later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 350382 [strukturag libheif حتى 1.21.2 stsz/stts track.cc Track::load الكشف عن المعلومات] |
|---|
| النقاط | 20 |
|---|