SAIL Image Decoding Library WebP Integer Overflow Vulnerability Leading to Remote Code Execution
Vulnerability
A memory corruption vulnerability has been identified in the SAIL Image Decoding Library version 0.9.8, specifically within the WebP image decoding functionality. The vulnerability arises when the library processes a specially crafted .webp animation file. An integer overflow occurs during the calculation of the stride for decoding, which subsequently leads to a heap-based buffer overflow. This memory corruption can be exploited to achieve remote code execution. To trigger this vulnerability, an attacker must get the library to read a file containing the malicious .webp animation.
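The bug class described above, as an added example that is not SAIL's code: an unchecked 32-bit stride product beside a checked layout computation that rejects dimensions whose stride or buffer size would not fit. All function names are hypothetical, and the 4 bytes per pixel and the `INT_MAX` stride cap are assumptions.

```c
#include <limits.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Unchecked pattern: the 32-bit product wraps silently for large widths. */
static uint32_t stride_unchecked(uint32_t width, uint32_t bytes_per_pixel)
{
    return width * bytes_per_pixel;
}

/* Checked layout: 0 on success, -1 if a dimension is zero or a product does
 * not fit. Stride is capped at INT_MAX (assumed: later passed as an int). */
static int frame_layout_checked(uint32_t width, uint32_t height,
                                uint32_t bytes_per_pixel, size_t *stride, size_t *total)
{
    if (width == 0 || height == 0 || bytes_per_pixel == 0)
        return -1;
    if (width > (uint32_t)INT_MAX / bytes_per_pixel)
        return -1;
    size_t s = (size_t)width * bytes_per_pixel;
    if (height > SIZE_MAX / s)
        return -1;
    *stride = s;
    *total = s * height;
    return 0;
}

/* Allocate a frame buffer only when the layout is valid; NULL otherwise. */
static unsigned char *alloc_frame(uint32_t width, uint32_t height,
                                  uint32_t bytes_per_pixel, size_t *stride)
{
    size_t total;
    if (frame_layout_checked(width, height, bytes_per_pixel, stride, &total) != 0)
        return NULL;
    return calloc(1, total);
}

int main(void)
{
    size_t stride = 0;
    /* Constructed dimensions, chosen only to show the wrap and the rejection. */
    unsigned char *bad = alloc_frame(0x40000001u, 1, 4, &stride);
    unsigned char *ok = alloc_frame(640, 480, 4, &stride);
    printf("unchecked=%u rejected=%d stride=%zu\n",
           (unsigned)stride_unchecked(0x40000001u, 4), bad == NULL, stride);
    free(bad); free(ok);
    return 0;
}
```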
Impact
Exploitation of this vulnerability causes a heap-based buffer overflow, a type of memory corruption that can lead to remote code execution.
Reproduction
The vulnerability can be reproduced by using the SAIL Image Decoding Library to decode a crafted WebP animation file that exploits the integer overflow in the stride calculation. This can be done by creating a WebP file with specific dimensions that trigger the overflow when the library attempts to decode it.
Remediation
Users are advised to update to the patched version of the SAIL Image Decoding Library, which is available on the official SAIL website.
