NVIDIA nvJPEG2000 Out-of-Bounds Write Vulnerability in Image Decoding Component

A vulnerability exists in the NVIDIA nvJPEG2000 library, specifically in version 0.8.0, where an out-of-bounds write can be triggered by a specially crafted JPEG2000 file. This memory corruption issue could potentially lead to arbitrary code execution and unauthorized data modification. The vulnerability arises because the library fails to properly validate component indices in the JPEG2000 file's codestream, allowing attackers to manipulate memory beyond allocated boundaries.

Impact

Exploitation of this vulnerability can cause memory corruption, leading to invalid pointer dereferences and potential arbitrary code execution. This is confirmed by a CVSS score of 9.8, indicating a critical vulnerability.

Reproduction

The vulnerability can be reproduced by using the nvJPEG2000 library to decode a crafted JPEG2000 file that exploits the out-of-bounds write condition. This can be done by creating a .jp2 file that includes a manipulated 'SIZ' segment, specifically targeting the 'Csiz' field to exceed the bounds of allocated component structures. The crafted file can then be processed with the nvJPEG2000 decoder, triggering the vulnerability.

Remediation

Users are advised to upgrade to NVIDIA nvJPEG2000 version 0.8.1, which addresses this vulnerability. The update is available on the NVIDIA nvJPEG2000 Downloads page.