CVE-2015-8397 in DICOM
Summary
by MITRE
The JPEGLSCodec::DecodeExtent function in MediaStorageAndFileFormat/gdcmJPEGLSCodec.cxx in Grassroots DICOM (aka GDCM) before 2.6.2 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (application crash) via an embedded JPEG-LS image with dimensions larger than the selected region in a (1) two-dimensional or (2) three-dimensional DICOM image file, which triggers an out-of-bounds read.
Analysis
by VulDB Data Team • 08/21/2025
The vulnerability CVE-2015-8397 affects Grassroots DICOM (GDCM) versions prior to 2.6.2 and resides in the JPEGLSCodec::DecodeExtent function in the MediaStorageAndFileFormat/gdcmJPEGLSCodec.cxx file. It represents a critical security issue in medical imaging software that processes DICOM (Digital Imaging and Communications in Medicine) files, the standard format used in healthcare environments for storing and transmitting medical images. The vulnerability specifically concerns the handling of JPEG-LS compressed image data embedded within DICOM files, creating potential security risks in healthcare IT infrastructure where such files are routinely processed.
Technically, the vulnerability stems from improper bounds checking while decoding JPEG-LS compressed image data. When processing DICOM files containing embedded JPEG-LS images, the function fails to validate that the specified decoding region dimensions do not exceed the actual image dimensions. This oversight lets an attacker craft a malicious DICOM file whose embedded JPEG-LS image has dimensions larger than the selected decoding region. The flaw manifests as an out-of-bounds read that can be triggered through careful manipulation of the image metadata within the DICOM file structure.
The operational impact of this vulnerability extends beyond simple denial of service to potential exposure of sensitive process memory contents. Remote attackers can leverage it either to crash the application, resulting in denial of service, or to extract sensitive information from the application's memory space. In healthcare environments where GDCM is used for medical image processing, this could lead to unauthorized data access or system disruption during critical medical imaging operations. The vulnerability affects both two-dimensional and three-dimensional DICOM image files, amplifying its potential impact across medical imaging scenarios including radiology, cardiology, and other specialty imaging modalities.
This vulnerability aligns with CWE-129, which addresses improper validation of array indices, and can be categorized under ATT&CK technique T1059 for remote code execution through application vulnerabilities. The flaw demonstrates poor input validation practices in medical imaging software: the application fails to properly validate the dimensions specified for JPEG-LS image decoding. The attack vector requires the victim to process a specially crafted DICOM file containing maliciously constructed JPEG-LS data, which makes it particularly dangerous in environments where medical images are processed automatically. Organizations using GDCM for medical image handling should include this vulnerability in their cybersecurity risk assessment, especially in healthcare environments where system availability and data integrity are paramount. The fix implemented in GDCM 2.6.2 addresses the core bounds checking issue by validating the image dimensions before attempting to decode embedded JPEG-LS content, thereby preventing both the denial of service and the information disclosure aspects of this vulnerability.