AcademySoftwareFoundation OpenEXR
cpe:2.3:a:openexr:openexr:*:*:*:*:*:*:*
- 3.3.2
A NULL pointer dereference has been identified in OpenEXR version 3.3.2. It is triggered in 'reduceMemory' mode when reading deep scanline images with a large sample count: a NULL pointer is dereferenced during a write, and the reading application crashes. The problem is fixed in version 3.3.3.
The impact is denial of service: a crafted file crashes the application that reads it in reduceMemory mode. The faulting access is a write to the NULL address, which is not mappable on current desktop and server platforms, so the outcome is a crash rather than a memory-disclosure or code-execution primitive.
To reproduce, build the 'exrcheck' binary with AddressSanitizer (ASAN) enabled (for example with -fsanitize=address -g) and run it in reduceMemory mode on a crafted EXR file that triggers the dereference. The process aborts, and the ASAN report shows a SEGV caused by a WRITE at the NULL address together with the stack trace of the faulting write.
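The bug pattern behind the description and the reproduction above, as an added C++ illustration that is not OpenEXR's code: a reader that skips the sample buffer allocation under a memory budget, the vulnerable caller that writes through the resulting nullptr, and the hardened caller that refuses it. The function names, the 1 MiB budget and the sample-count inputs are assumptions for the demo.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdlib>
#include <limits>
#include <vector>

// Illustrative model, not OpenEXR's code. Names and the budget value are
// assumptions chosen for this example.

// Memory budget enforced when reduceMemory is set (assumed value).
static const std::uint64_t kReduceMemoryBudgetBytes = 1ull << 20; // 1 MiB

// Sum the per-pixel sample counts of one deep scanline, refusing overflow.
bool totalSampleCount(const std::vector<std::uint32_t>& perPixel,
                      std::uint64_t& total) {
    total = 0;
    for (std::uint32_t c : perPixel) {
        if (c > std::numeric_limits<std::uint64_t>::max() - total) return false;
        total += c;
    }
    return true;
}

// Allocate one float per sample. In reduceMemory mode a request over budget
// returns nullptr instead of attempting a huge allocation; callers must check.
float* allocateSamples(std::uint64_t sampleCount, bool reduceMemory) {
    if (sampleCount > std::numeric_limits<std::size_t>::max() / sizeof(float))
        return nullptr;                      // byte count would not fit size_t
    std::uint64_t bytes = sampleCount * sizeof(float);
    if (reduceMemory && bytes > kReduceMemoryBudgetBytes)
        return nullptr;                      // over budget: skip this scanline
    return static_cast<float*>(
        std::calloc(static_cast<std::size_t>(sampleCount), sizeof(float)));
}

// Vulnerable shape: the caller trusts the pointer. With reduceMemory=true and
// a large sample count, buf is nullptr and the first store writes to address 0.
// Built with -fsanitize=address -g, ASAN reports a SEGV caused by a WRITE there.
void readDeepScanlineUnchecked(const std::vector<std::uint32_t>& perPixel,
                               bool reduceMemory) {
    std::uint64_t total = 0;
    totalSampleCount(perPixel, total);
    float* buf = allocateSamples(total, reduceMemory);
    for (std::uint64_t i = 0; i < total; ++i) buf[i] = 0.0f;  // NULL write
    std::free(buf);
}

// Hardened shape: refuse an overflowed count and a skipped or failed
// allocation, reporting failure instead of writing through nullptr.
bool readDeepScanlineChecked(const std::vector<std::uint32_t>& perPixel,
                             bool reduceMemory) {
    std::uint64_t total = 0;
    if (!totalSampleCount(perPixel, total)) return false;
    if (total == 0) return true;             // nothing to store, nothing to touch
    float* buf = allocateSamples(total, reduceMemory);
    if (buf == nullptr) return false;
    for (std::uint64_t i = 0; i < total; ++i) buf[i] = 0.0f;
    std::free(buf);
    return true;
}

// Constructed inputs: a benign scanline, and a "crafted" one whose single
// pixel claims 2^30 samples (4 GiB of floats), far over the reduceMemory budget.
static const std::vector<std::uint32_t> kBenignCounts = {1, 2, 3, 4};
static const std::vector<std::uint32_t> kCraftedCounts = {1u << 30};

int main() {
    // The checked reader rejects the crafted scanline in reduceMemory mode;
    // readDeepScanlineUnchecked(kCraftedCounts, true) would crash here instead.
    bool ok = readDeepScanlineChecked(kCraftedCounts, true);
    return ok ? 1 : 0;
}
```

The check that matters is the one on the pointer returned by the budgeted allocator: the reduced-memory path deliberately returns nothing for oversized requests, so every consumer of that pointer needs the nullptr branch, and a fuzzer seed with a single oversized sample count is enough to find the ones that lack it.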
Upgrade to OpenEXR 3.3.3 or later. Applications that bundle or statically link OpenEXR must be rebuilt against the fixed version to pick up the change.