NVIDIA nvJPEG2000 Out-of-Bounds Write Vulnerability in Coding Style Component Allowing Arbitrary Code Execution

A vulnerability exists in the NVIDIA nvJPEG2000 library version 0.8.0, where an out-of-bounds write can be triggered by a specially crafted JPEG2000 file. This memory corruption issue could lead to arbitrary code execution and data tampering. The vulnerability arises in the Coding Style Component handling, where the library improperly validates the number of image components, allowing for exploitation by writing arbitrary data outside of allocated memory bounds.

Impact

Exploitation of this vulnerability can cause memory corruption, leading to arbitrary code execution.

Reproduction

The vulnerability can be reproduced by using a crafted JPEG2000 file that exploits the out-of-bounds write in the Coding Style Component handling of the nvJPEG2000 library. This can be done by manipulating the 'SIZ' segment to control the 'Csiz' field, which indicates the number of components in the image. By setting 'Csiz' to a value larger than the actual number of components, the library will write beyond the allocated memory, creating a memory corruption vulnerability that can be exploited for arbitrary code execution.

Remediation

Users are advised to upgrade to NVIDIA nvJPEG2000 version 0.8.1, which addresses this vulnerability.