CVE-2020-11759

An issue was discovered in OpenEXR before 2.4.1. Because of integer overflows in CompositeDeepScanLine::Data::handleDeepFrameBuffer and readSampleCountForLineBlock, an attacker can write to an out-of-bounds pointer.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.5 MEDIUM
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 71%
VendorProductVersion
openexropenexr
𝑥
< 2.4.1
canonicalubuntu_linux
16.04
canonicalubuntu_linux
18.04
canonicalubuntu_linux
19.10
canonicalubuntu_linux
20.04
debiandebian_linux
9.0
debiandebian_linux
10.0
appleicloud
𝑥
< 7.20
appleicloud
10.0 ≤
𝑥
< 11.3
appleitunes
𝑥
< 12.10.8
appleipados
𝑥
< 13.6
appleiphone_os
𝑥
< 13.6
applemac_os_x
10.13.0 ≤
𝑥
< 10.13.6
applemac_os_x
10.14.0 ≤
𝑥
< 10.14.6
applemac_os_x
10.15 ≤
𝑥
< 10.15.6
applemac_os_x
10.13.6
applemac_os_x
10.13.6:security_update_2018-002
applemac_os_x
10.13.6:security_update_2018-003
applemac_os_x
10.13.6:security_update_2019-001
applemac_os_x
10.13.6:security_update_2019-002
applemac_os_x
10.13.6:security_update_2019-003
applemac_os_x
10.13.6:security_update_2019-004
applemac_os_x
10.13.6:security_update_2019-005
applemac_os_x
10.13.6:security_update_2019-006
applemac_os_x
10.13.6:security_update_2019-007
applemac_os_x
10.13.6:security_update_2020-001
applemac_os_x
10.13.6:security_update_2020-002
applemac_os_x
10.13.6:security_update_2020-003
applemac_os_x
10.14.6
applemac_os_x
10.14.6:security_update_2019-001
applemac_os_x
10.14.6:security_update_2019-002
applemac_os_x
10.14.6:security_update_2019-004
applemac_os_x
10.14.6:security_update_2019-005
applemac_os_x
10.14.6:security_update_2019-006
applemac_os_x
10.14.6:security_update_2019-007
applemac_os_x
10.14.6:security_update_2020-001
applemac_os_x
10.14.6:security_update_2020-002
applemac_os_x
10.14.6:security_update_2020-003
appletvos
𝑥
< 13.4.8
applewatchos
𝑥
< 6.2.8
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
openexr
bullseye (security)
2.5.4-2+deb11u1
fixed
bullseye
2.5.4-2+deb11u1
fixed
jessie
not-affected
bookworm
3.1.5-5
fixed
sid
3.1.5-5.1
fixed
trixie
3.1.5-5.1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
openexr
focal
Fixed 2.3.0-6ubuntu0.1
released
eoan
Fixed 2.2.1-4.1ubuntu1.1
released
bionic
Fixed 2.2.0-11.1ubuntu1.2
released
xenial
Fixed 2.2.0-10ubuntu2.2
released
trusty
dne
Common Weakness Enumeration
References
https://bugs.chromium.org/p/project-zero/issues/detail?id=1987
https://github.com/AcademySoftwareFoundation/openexr/blob/master/CHANGES.md#version-241-february-11-2020
https://github.com/AcademySoftwareFoundation/openexr/releases/tag/v2.4.1
https://lists.debian.org/debian-lts-announce/2020/08/msg00056.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F4KFGDQG5PVYAU7TS5MZ7XCS6EMPVII3/
https://security.gentoo.org/glsa/202107-27
https://support.apple.com/kb/HT211288
https://support.apple.com/kb/HT211289
https://support.apple.com/kb/HT211290
https://support.apple.com/kb/HT211291
https://support.apple.com/kb/HT211293
https://support.apple.com/kb/HT211294
https://support.apple.com/kb/HT211295
https://usn.ubuntu.com/4339-1/
https://www.debian.org/security/2020/dsa-4755
https://bugs.chromium.org/p/project-zero/issues/detail?id=1987
https://github.com/AcademySoftwareFoundation/openexr/blob/master/CHANGES.md#version-241-february-11-2020
https://github.com/AcademySoftwareFoundation/openexr/releases/tag/v2.4.1
https://lists.debian.org/debian-lts-announce/2020/08/msg00056.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F4KFGDQG5PVYAU7TS5MZ7XCS6EMPVII3/
https://security.gentoo.org/glsa/202107-27
https://support.apple.com/kb/HT211288
https://support.apple.com/kb/HT211289
https://support.apple.com/kb/HT211290
https://support.apple.com/kb/HT211291
https://support.apple.com/kb/HT211293
https://support.apple.com/kb/HT211294
https://support.apple.com/kb/HT211295
https://usn.ubuntu.com/4339-1/
https://www.debian.org/security/2020/dsa-4755