iccDEV Heap-Buffer-Overflow Vulnerability in IccTagXml Function

Vulnerability

A heap-buffer-overflow vulnerability has been identified in the iccDEV library, specifically in the IccTagXml function. This vulnerability arises from improper handling of ICC color management profiles, leading to memory being accessed outside the bounds of allocated buffers. The issue was discovered while fuzzing the application with a crafted ICC profile file, which triggered a segmentation fault due to the buffer overflow. The vulnerability affects iccDEV versions prior to 2.3.1.2 and has been patched in version 2.3.1.2.

Impact

Exploitation of this vulnerability leads to a heap-based buffer overflow, which can commonly result in arbitrary code execution or cause the application to crash.

Reproduction

The vulnerability can be reproduced by compiling the iccDEV application with AddressSanitizer, with debugging information and memory error detection enabled. The resulting build is then run against a crafted ICC profile file that triggers the heap-buffer-overflow, using the 'iccToXml' command-line tool included in the iccDEV project and specifying the path to the malicious ICC file and an output path for the XML conversion.
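
The reproduction step above can be turned into a repeatable check to run after upgrading. This is an added example, not part of the advisory or the iccDEV project. It assumes `ICCTOXML` names an `iccToXml` binary built with AddressSanitizer (`-fsanitize=address -g`) that takes the input profile and the output path as its two arguments; the helper names and status labels are hypothetical.

```shell
#!/bin/sh
# Added example (not from the advisory or the iccDEV project).
# Assumption: ICCTOXML names an iccToXml binary built with AddressSanitizer
# (-fsanitize=address -g) and called as: iccToXml <input.icc> <output.xml>.
ICCTOXML="${ICCTOXML:-iccToXml}"

# check_profile <profile.icc>  (hypothetical helper)
# Returns 0 = converted cleanly, 1 = ASan heap-buffer-overflow report,
#         2 = other ASan report, 3 = failure without an ASan report.
check_profile() {
    workdir=$(mktemp -d) || return 3
    status=0
    # ASan writes its report to stderr by default; keep it for classification.
    "$ICCTOXML" "$1" "$workdir/out.xml" >/dev/null 2>"$workdir/stderr.log" || status=$?
    if grep -q 'ERROR: AddressSanitizer: heap-buffer-overflow' "$workdir/stderr.log"; then
        result=1
    elif grep -q 'ERROR: AddressSanitizer:' "$workdir/stderr.log"; then
        result=2
    elif [ "$status" -ne 0 ]; then
        result=3
    else
        result=0
    fi
    rm -rf "$workdir"
    return "$result"
}

# scan_profiles <dir>  (hypothetical helper)
# Prints one status line per *.icc file; returns non-zero if any overflowed.
scan_profiles() {
    flagged=0
    for f in "$1"/*.icc; do
        [ -e "$f" ] || continue
        rc=0
        check_profile "$f" || rc=$?
        case $rc in
            0) echo "OK        $f" ;;
            1) echo "OVERFLOW  $f"; flagged=$((flagged + 1)) ;;
            2) echo "ASAN      $f" ;;
            *) echo "FAILED    $f" ;;
        esac
    done
    [ "$flagged" -eq 0 ]
}

# Run as: sh check_icc.sh <directory of .icc files>
if [ "$#" -gt 0 ]; then scan_profiles "$1"; fi
```

A profile that is reported as `OVERFLOW` on a build older than 2.3.1.2 and `OK` or `FAILED` on 2.3.1.2 or later confirms that the update took effect for that input.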

Remediation

Users can update to iccDEV version 2.3.1.2 or later to address this vulnerability.

Added: Jan 7, 2026, 7:16 PM
Updated: Jan 7, 2026, 7:16 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 2.5
exploitability: 5.8
remediation: 7.7
relevance: 1.9
threat: 6.4
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.