lcms2 Heap Buffer Overflow Vulnerability in Smooth2 Function Allowing Denial-of-Service

Vulnerability

A heap buffer overflow vulnerability has been identified in the Little CMS (lcms2) library version 2.16. The issue arises in the 'smooth2' function within 'cmsgamma.c', where numerical instability in array element calculations can lead to out-of-bounds memory access. This vulnerability allows remote attackers to cause a denial-of-service condition.

Impact

Exploitation of this vulnerability triggers a heap buffer overflow. Heap buffer overflows can commonly be used to execute arbitrary code or to cause a denial-of-service condition by crashing the application.

Reproduction

The vulnerability can be reproduced using a provided proof-of-concept (POC) file. The POC must be extracted and used as input with the 'harness' application included in the Little CMS repository. This will trigger the heap buffer overflow by invoking the 'smooth2' function with crafted data that exploits the numerical instability in the array calculations.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 2.5
exploitability: 8.7
remediation: 0.0
relevance: 0.0
threat: 6.4
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.