CVE-2021-46822
Summary
| CVE | CVE-2021-46822 |
|---|
| State | PUBLIC |
|---|
| Assigner | [email protected] |
|---|
| Source Priority | CVE Program / NVD first with legacy fallback |
|---|
| Published | 2022-06-18 16:15:00 UTC |
|---|
| Updated | 2022-08-15 15:52:00 UTC |
|---|
| Description | The PPM reader in libjpeg-turbo through 2.0.90 mishandles use of tjLoadImage for loading a 16-bit binary PPM file into a grayscale buffer and loading a 16-bit binary PGM file into an RGB buffer. This is related to a heap-based buffer overflow in the get_word_rgb_row function in rdppm.c. |
|---|
NVD Known Affected Configurations (CPE 2.3)
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 160495 Oracle Enterprise Linux Security Update for libjpeg-turbo (ELSA-2023-1068)
- 181884 Debian Security Update for libjpeg-turbo (CVE-2021-46822)
- 198956 Ubuntu Security Notification for libjpeg-turbo Vulnerabilities (USN-5631-1)
- 241239 Red Hat Update for libjpeg-turbo (RHSA-2023:1068)
- 355847 Amazon Linux Security Advisory for libjpeg-turbo : ALAS2-2023-2214
- 672087 EulerOS Security Update for libjpeg-turbo (EulerOS-SA-2022-2296)
- 672100 EulerOS Security Update for libjpeg-turbo (EulerOS-SA-2022-2325)
- 672136 EulerOS Security Update for libjpeg-turbo (EulerOS-SA-2022-2430)
- 672154 EulerOS Security Update for libjpeg-turbo (EulerOS-SA-2022-2417)
- 672164 EulerOS Security Update for libjpeg-turbo (EulerOS-SA-2022-2442)
- 672185 EulerOS Security Update for libjpeg-turbo (EulerOS-SA-2022-2467)
- 902357 Common Base Linux Mariner (CBL-Mariner) Security Update for libjpeg-turbo (9956)
- 902493 Common Base Linux Mariner (CBL-Mariner) Security Update for libjpeg-turbo (9956-1)
- 940954 AlmaLinux Security Update for libjpeg-turbo (ALSA-2023:1068)
- 960670 Rocky Linux Security Update for libjpeg-turbo (RLSA-2023:1068)
