iccDEV Use-After-Free Vulnerability in CIccXform::Create() Function
Vulnerability
A use-after-free vulnerability has been identified in the iccDEV library, specifically in versions prior to 2.3.1.1. The issue arises in the CIccXform::Create() function, where the hint manager improperly deletes a hint, leading to potential memory management issues. This vulnerability is critical, with a CVSS score of 9.8, and allows for exploitation in color profile processing without requiring user interaction or privileges.
Impact
Exploitation of this vulnerability can lead to a use-after-free condition, where memory is freed while still in use, potentially allowing for arbitrary code execution or causing a program to crash.
Reproduction
The vulnerability can be reproduced by processing an ICC color profile with a version of iccDEV prior to 2.3.1.1. The CIccXform::Create() function will be called with a named color hint, which is then improperly managed by the hint manager, creating the use-after-free condition.
Remediation
Users can upgrade to iccDEV version 2.3.1.2 or later to address this vulnerability.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.