DCMTK Memory Corruption Vulnerability in JPEG-LS Decoder

A critical memory corruption vulnerability has been identified in DCMTK version 3.6.9, specifically within the dcmjpls JPEG-LS Decoder component. This issue arises from insufficient validation of input data, allowing invalid JPEG-LS data to be processed and leading to a segmentation fault. The vulnerability can be exploited remotely, requires user interaction, and has been publicly disclosed along with a proof-of-concept exploit.

Impact

Exploitation of this vulnerability causes a segmentation fault, leading to a denial-of-service condition by crashing the application. However, the memory corruption could potentially be exploited to execute arbitrary code, depending on the context in which the DCMTK library is used.

Reproduction

The vulnerability can be reproduced by using the DCMTK library version 3.6.9 and processing invalid JPEG-LS data with the dcmjpls JPEG-LS Decoder. This can be done by using the provided sample files, which contain the malformed JPEG-LS data that triggers the vulnerability.

Remediation

Users are advised to update to DCMTK version 3.7.0, where this vulnerability has been fixed. The patch is available for download from the DCMTK support site.