CVE-2018-20330
21.12.2018, 09:29
The tjLoadImage function in libjpeg-turbo 2.0.1 has an integer overflow with a resultant heap-based buffer overflow via a BMP image because multiplication of pitch and height is mishandled, as demonstrated by tjbench.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| libjpeg-turbo | libjpeg-turbo | 2.0.1 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
openSUSE / SLES Releases
openSUSE Product | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| libjpeg62 |
| ||||||||||||||||||||||||
| libjpeg62-devel |
| ||||||||||||||||||||||||
| libjpeg8 |
| ||||||||||||||||||||||||
| libjpeg8-32bit |
| ||||||||||||||||||||||||
| libjpeg8-devel |
| ||||||||||||||||||||||||
| libturbojpeg0 |
|