CVE-2021-45942

OpenEXR 3.1.x before 3.1.4 has a heap-based buffer overflow in Imf_3_1::LineCompositeTask::execute (called from IlmThread_3_1::NullThreadPoolProvider::addTask and IlmThread_3_1::ThreadPool::addGlobalTask). NOTE: db217f2 may be inapplicable.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.5 MEDIUM
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 64%
Affected Products (NVD)
VendorProductVersion
openexropenexr
3.1.0 ≤
𝑥
< 3.1.4
debiandebian_linux
10.0
debiandebian_linux
11.0
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
openexr
bookworm
3.1.5-5
fixed
bullseye
2.5.4-2+deb11u1
fixed
bullseye (security)
2.5.4-2+deb11u1
fixed
sid
3.1.5-5.1
fixed
stretch
no-dsa
trixie
3.1.5-5.1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
openexr
bionic
needed
focal
needed
hirsute
ignored
impish
ignored
jammy
needed
kinetic
ignored
lunar
ignored
mantic
ignored
noble
needed
trusty
ignored
xenial
needs-triage
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
libIlmImf-2_2-23
suse enterprise desktop 15 SP3
2.2.1-3.41.1
fixed
suse enterprise desktop 15 SP4
2.2.1-3.41.1
fixed
suse enterprise desktop 15 SP5
2.2.1-3.41.1
fixed
suse enterprise desktop 15 SP6
2.2.1-3.41.1
fixed
suse enterprise desktop 15 SP7
2.2.1-3.41.1
fixed
suse enterprise sap 15 SP3
2.2.1-3.41.1
fixed
suse enterprise sap 15 SP4
2.2.1-3.41.1
fixed
suse enterprise sap 15 SP5
2.2.1-3.41.1
fixed
suse enterprise sap 15 SP6
2.2.1-3.41.1
fixed
suse enterprise sap 15 SP7
2.2.1-3.41.1
fixed
suse enterprise server 15 SP3
2.2.1-3.41.1
fixed
suse enterprise server 15 SP4
2.2.1-3.41.1
fixed
suse enterprise server 15 SP5
2.2.1-3.41.1
fixed
suse enterprise server 15 SP6
2.2.1-3.41.1
fixed
suse enterprise server 15 SP7
2.2.1-3.41.1
fixed
libIlmImf-Imf_2_1-21
suse enterprise sap 12 SP5
2.1.0-6.45.1
fixed
suse enterprise server 12 SP3
2.1.0-6.45.1
fixed
suse enterprise server 12 SP5
2.1.0-6.45.1
fixed
libIlmImfUtil-2_2-23
suse enterprise desktop 15 SP3
2.2.1-3.41.1
fixed
suse enterprise desktop 15 SP4
2.2.1-3.41.1
fixed
suse enterprise desktop 15 SP5
2.2.1-3.41.1
fixed
suse enterprise desktop 15 SP6
2.2.1-3.41.1
fixed
suse enterprise desktop 15 SP7
2.2.1-3.41.1
fixed
suse enterprise sap 15 SP3
2.2.1-3.41.1
fixed
suse enterprise sap 15 SP4
2.2.1-3.41.1
fixed
suse enterprise sap 15 SP5
2.2.1-3.41.1
fixed
suse enterprise sap 15 SP6
2.2.1-3.41.1
fixed
suse enterprise sap 15 SP7
2.2.1-3.41.1
fixed
suse enterprise server 15 SP3
2.2.1-3.41.1
fixed
suse enterprise server 15 SP4
2.2.1-3.41.1
fixed
suse enterprise server 15 SP5
2.2.1-3.41.1
fixed
suse enterprise server 15 SP6
2.2.1-3.41.1
fixed
suse enterprise server 15 SP7
2.2.1-3.41.1
fixed
openexr
suse enterprise sap 12 SP5
2.1.0-6.45.1
fixed
suse enterprise server 12 SP3
2.1.0-6.45.1
fixed
suse enterprise server 12 SP5
2.1.0-6.45.1
fixed
openexr-devel
suse enterprise desktop 15 SP3
2.2.1-3.41.1
fixed
suse enterprise desktop 15 SP4
2.2.1-3.41.1
fixed
suse enterprise desktop 15 SP5
2.2.1-3.41.1
fixed
suse enterprise desktop 15 SP6
2.2.1-3.41.1
fixed
suse enterprise desktop 15 SP7
2.2.1-3.41.1
fixed
suse enterprise sap 15 SP3
2.2.1-3.41.1
fixed
suse enterprise sap 15 SP4
2.2.1-3.41.1
fixed
suse enterprise sap 15 SP5
2.2.1-3.41.1
fixed
suse enterprise sap 15 SP6
2.2.1-3.41.1
fixed
suse enterprise sap 15 SP7
2.2.1-3.41.1
fixed
suse enterprise server 15 SP3
2.2.1-3.41.1
fixed
suse enterprise server 15 SP4
2.2.1-3.41.1
fixed
suse enterprise server 15 SP5
2.2.1-3.41.1
fixed
suse enterprise server 15 SP6
2.2.1-3.41.1
fixed
suse enterprise server 15 SP7
2.2.1-3.41.1
fixed
Common Weakness Enumeration
References
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=41416
https://github.com/AcademySoftwareFoundation/openexr/blob/v3.1.4/CHANGES.md#version-314-january-26-2022
https://github.com/AcademySoftwareFoundation/openexr/commit/11cad77da87c4fa2aab7d58dd5339e254db7937e
https://github.com/AcademySoftwareFoundation/openexr/commit/db217f29dfb24f6b4b5100c24ac5e7490e1c57d0
https://github.com/AcademySoftwareFoundation/openexr/pull/1209
https://github.com/AcademySoftwareFoundation/openexr/releases/tag/v3.1.4
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/openexr/OSV-2021-1627.yaml
https://lists.debian.org/debian-lts-announce/2022/12/msg00022.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6TEZDE2S2DB4BF4LZSSV4W3DNW7DSRHJ/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HJ5PW4WNXBKCRFGDZGAQOSVH2BKZKL4X/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XJUK7WIQV5EKWTCZBRXFN6INHG6MLS5O/
https://security.gentoo.org/glsa/202210-31
https://www.debian.org/security/2022/dsa-5299
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=41416
https://github.com/AcademySoftwareFoundation/openexr/blob/v3.1.4/CHANGES.md#version-314-january-26-2022
https://github.com/AcademySoftwareFoundation/openexr/commit/11cad77da87c4fa2aab7d58dd5339e254db7937e
https://github.com/AcademySoftwareFoundation/openexr/commit/db217f29dfb24f6b4b5100c24ac5e7490e1c57d0
https://github.com/AcademySoftwareFoundation/openexr/pull/1209
https://github.com/AcademySoftwareFoundation/openexr/releases/tag/v3.1.4
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/openexr/OSV-2021-1627.yaml
https://lists.debian.org/debian-lts-announce/2022/12/msg00022.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6TEZDE2S2DB4BF4LZSSV4W3DNW7DSRHJ/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HJ5PW4WNXBKCRFGDZGAQOSVH2BKZKL4X/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XJUK7WIQV5EKWTCZBRXFN6INHG6MLS5O/
https://security.gentoo.org/glsa/202210-31
https://www.debian.org/security/2022/dsa-5299