iccDEV Undefined Behavior Vulnerability in IccUtil.cpp Prior to Version 2.3.1.6
Vulnerability
An undefined-behavior vulnerability has been identified in iccDEV, a toolset for managing ICC color profiles. The issue is present in versions prior to 2.3.1.6 and is located in the IccUtil.cpp file, where a crafted ICC profile can trigger it when processed with the iccDumpProfile tool. The undefined behavior is an improper left shift operation on a 32-bit unsigned integer, which can lead to runtime errors and can cause the process to crash or behave unpredictably.
Impact
Exploitation of this vulnerability can cause the process to crash or behave unpredictably, leading to a denial-of-service condition.
Reproduction
The vulnerability can be reproduced by downloading a specific crafted ICC profile that triggers the undefined behavior when processed with the iccDumpProfile command. This can be done using wget to fetch the profile from a GitHub repository, and then running iccDumpProfile with the appropriate options to expose the vulnerability.
Remediation
Users can update to version 2.3.1.6 or later, where this vulnerability has been patched. Instructions for updating via npm, Homebrew, Docker, and NixOS are available in the GitHub advisory.
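For code that parses untrusted profile data, the bug class described above can be guarded against with a checked shift. The following is an added example, not iccDEV's code or its patch; the function names and the two-field record layout are hypothetical and the sample bytes are constructed.

```cpp
// Added illustration, not code from iccDEV. All names and the record layout are hypothetical.
#include <cstddef>
#include <cstdint>
#include <cstdio>

// Left-shift a 32-bit unsigned value whose operands come from untrusted file data.
// Returns false instead of shifting when the operation is not well defined or lossy.
bool checked_shl32(uint32_t value, uint32_t count, uint32_t *out)
{
    if (count >= 32)                       // shift count >= type width is undefined behavior
        return false;
    if (count != 0 && (value >> (32 - count)) != 0)
        return false;                      // set bits would be shifted out of the top
    *out = static_cast<uint32_t>(value << count);
    return true;
}

// Bounds-checked read of a big-endian 32-bit field (ICC profiles store integers big-endian).
bool read_be32(const uint8_t *buf, size_t len, size_t off, uint32_t *out)
{
    if (off > len || len - off < 4)
        return false;
    *out = (static_cast<uint32_t>(buf[off]) << 24) |
           (static_cast<uint32_t>(buf[off + 1]) << 16) |
           (static_cast<uint32_t>(buf[off + 2]) << 8) |
           static_cast<uint32_t>(buf[off + 3]);
    return true;
}

// Hypothetical record: [value: u32][shift count: u32]. Both fields are attacker-controlled.
bool scaled_field(const uint8_t *buf, size_t len, uint32_t *out)
{
    uint32_t value = 0, count = 0;
    if (!read_be32(buf, len, 0, &value) || !read_be32(buf, len, 4, &count))
        return false;
    return checked_shl32(value, count, out);
}

int main()
{
    // Constructed sample records, not taken from any real profile.
    const uint8_t ok[8]  = {0, 0, 0, 3, 0, 0, 0, 4};      // 3 << 4
    const uint8_t bad[8] = {0, 0, 0, 1, 0, 0, 0, 0x40};   // shift count 64
    uint32_t r = 0;
    std::printf("ok:  %s\n", scaled_field(ok, sizeof ok, &r) ? "accepted" : "rejected");
    std::printf("bad: %s\n", scaled_field(bad, sizeof bad, &r) ? "accepted" : "rejected");
    return 0;
}
```

Building a parser with Clang or GCC and `-fsanitize=undefined` reports invalid shift counts at runtime, which is a practical way to confirm such guards are in place when testing against malformed inputs.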
