CVE-2020-35538
Summary
| CVE | CVE-2020-35538 |
|---|
| State | PUBLIC |
|---|
| Assigner | [email protected] |
|---|
| Source Priority | CVE Program / NVD first with legacy fallback |
|---|
| Published | 2022-08-31 16:15:00 UTC |
|---|
| Updated | 2022-09-20 17:39:00 UTC |
|---|
| Description | A crafted input file could cause a null pointer dereference in jcopy_sample_rows() when processed by libjpeg-turbo. |
|---|
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|
| jcopy_sample_rows() causes SIGSEGV · Issue #441 · libjpeg-turbo/libjpeg-turbo · GitHub |
MISC |
github.com |
|
| Fix jpeg_skip_scanlines() segfault w/merged upsamp · libjpeg-turbo/libjpeg-turbo@9120a24 · GitHub |
MISC |
github.com |
|
| CVE Program record |
CVE.ORG |
www.cve.org |
canonical |
| NVD vulnerability detail |
NVD |
nvd.nist.gov |
canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 198956 Ubuntu Security Notification for libjpeg-turbo Vulnerabilities (USN-5631-1)
- 502735 Alpine Linux Security Update for libjpeg-turbo
- 672344 EulerOS Security Update for libjpeg-turbo (EulerOS-SA-2022-2733)
- 672370 EulerOS Security Update for libjpeg-turbo (EulerOS-SA-2022-2768)
- 672432 EulerOS Security Update for libjpeg-turbo (EulerOS-SA-2022-2849)
- 672470 EulerOS Security Update for libjpeg-turbo (EulerOS-SA-2022-2824)
- 752640 SUSE Enterprise Linux Security Update for libjpeg-turbo (SUSE-SU-2022:3475-1)
- 752653 SUSE Enterprise Linux Security Update for libjpeg-turbo (SUSE-SU-2022:3523-1)
- 903724 Common Base Linux Mariner (CBL-Mariner) Security Update for libjpeg-turbo (10816) (DEPRECATED)
- 903839 Common Base Linux Mariner (CBL-Mariner) Security Update for libjpeg-turbo (10824)
- 904098 Common Base Linux Mariner (CBL-Mariner) Security Update for libjpeg-turbo (10816-1)
- 904132 Common Base Linux Mariner (CBL-Mariner) Security Update for libjpeg-turbo (10824-1)
