Invalid JPEG XL images using libjxl can cause an out of bounds access on a std::vector<std::vector<T>> when rendering splines. The OOB read access can either lead to a segfault, or rendering splines based on other process memory. It is recommended to upgrade past 0.6.0 or patch with https://github.com/libjxl/libjxl/pull/757
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: Google

Published: 2021-11-01T13:10:13.942562Z

Updated: 2024-09-17T02:10:45.898Z

Reserved: 2021-01-05T00:00:00

Link: CVE-2021-22563

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2021-11-01T13:15:07.657

Modified: 2024-11-21T05:50:19.807

Link: CVE-2021-22563

cve-icon Redhat

No data.