| Titel | strukturag libheif 1.21.2 Out-of-Bounds Read |
|---|
| Beschreibung | This vulnerability is a sequence–track consistency validation flaw in libheif. A crafted file can declare more samples in stsz/stts than are actually covered by stsc. Track::load fails to reject this inconsistent state, allowing it to propagate. As a result, Track::init_sample_timing_table may compute an out-of-range chunkIdx, and Track_Visual::decode_next_image_sample subsequently dereferences m_chunks[chunkIdx] without proper bounds checking. This leads to a heap out-of-bounds read and a process crash (DoS). |
|---|
| Quelle | ⚠️ https://github.com/strukturag/libheif/issues/1715 |
|---|
| Benutzer | Niebelungen (UID 95430) |
|---|
| Einreichung | 24.02.2026 11:34 (vor 3 Monaten) |
|---|
| Moderieren | 11.03.2026 13:03 (15 days later) |
|---|
| Status | Akzeptiert |
|---|
| VulDB Eintrag | 350382 [strukturag libheif bis 1.21.2 stsz/stts track.cc Track::load Information Disclosure] |
|---|
| Punkte | 20 |
|---|