| Название | strukturag libheif 1.21.2 Out-of-Bounds Read |
|---|
| Описание | This vulnerability is a sequence–track consistency validation flaw in libheif. A crafted file can declare more samples in stsz/stts than are actually covered by stsc. Track::load fails to reject this inconsistent state, allowing it to propagate. As a result, Track::init_sample_timing_table may compute an out-of-range chunkIdx, and Track_Visual::decode_next_image_sample subsequently dereferences m_chunks[chunkIdx] without proper bounds checking. This leads to a heap out-of-bounds read and a process crash (DoS). |
|---|
| Источник | ⚠️ https://github.com/strukturag/libheif/issues/1715 |
|---|
| Пользователь | Niebelungen (UID 95430) |
|---|
| Представление | 24.02.2026 11:34 (4 месяцы назад) |
|---|
| Модерация | 11.03.2026 13:03 (15 days later) |
|---|
| Статус | принято |
|---|
| Запись VulDB | 350382 [strukturag libheif до 1.21.2 stsz/stts track.cc Track::load раскрытие информации] |
|---|
| Баллы | 20 |
|---|