CVE-2022-0545
Summary
| CVE | CVE-2022-0545 |
|---|
| State | PUBLIC |
|---|
| Assigner | [email protected] |
|---|
| Source Priority | CVE Program / NVD first with legacy fallback |
|---|
| Published | 2022-02-24 19:15:00 UTC |
|---|
| Updated | 2024-02-02 03:09:00 UTC |
|---|
| Description | An integer overflow in the processing of loaded 2D images leads to a write-what-where vulnerability and an out-of-bounds read vulnerability, allowing an attacker to leak sensitive information or achieve code execution in the context of the Blender process when a specially crafted image file is loaded. This flaw affects Blender versions prior to 2.83.19, 2.93.8 and 3.1. |
|---|
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|
| Debian -- Security Information -- DSA-5176-1 blender |
DEBIAN |
www.debian.org |
|
| ⚓ T94629 Out-of-bounds memory access in IMB_flipy() due to large image dimensions |
MISC |
developer.blender.org |
|
| [SECURITY] [DLA 3060-1] blender security update |
MLIST |
lists.debian.org |
|
| CVE Program record |
CVE.ORG |
www.cve.org |
canonical |
| NVD vulnerability detail |
NVD |
nvd.nist.gov |
canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 179769 Debian Security Update for blender (DLA 3060-1)
- 180806 Debian Security Update for blender (DSA 5176-1)
- 181938 Debian Security Update for blender (CVE-2022-0545)
- 710881 Gentoo Linux Blender Multiple Vulnerabilities (GLSA 202403-02)
