iccDEV Undefined Behavior Vulnerability in IccTagLut.cpp Allowing Null Pointer Dereference
Vulnerability
In iccDEV versions prior to 2.3.1.6, code in IccTagLut.cpp accesses members through a null pointer of type CIccApplyCLUT. This is undefined behavior (UB) and can lead to crashes when processing certain ICC profiles. The vulnerability has been patched in version 2.3.1.6.
Impact
Exploiting this vulnerability can cause a crash in the 'iccRoundTrip' function, disrupting the application's normal operation and potentially leading to a denial-of-service condition.
Reproduction
The vulnerability can be reproduced by downloading the 'Turquoise_output.icc' file from the 'xsscx' GitHub repository, and then using the 'iccRoundTrip' command to process this ICC file. This will trigger the undefined behavior by accessing a member of a null pointer, which is reported by the UndefinedBehaviorSanitizer.
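A regression check for the sanitizer report described above, as an added example that is not part of the original advisory or the iccDEV project: it scans UndefinedBehaviorSanitizer output for null-pointer reports in IccTagLut.cpp whose pointee type is CIccApplyCLUT. The sample log is constructed (its paths and line numbers are placeholders) and the function names are hypothetical.

```python
import re
from collections import Counter
from pathlib import PurePosixPath

# UBSan report line: <file>:<line>:<col>: runtime error: <message>
REPORT_RE = re.compile(r"^(?P<file>.+?):(?P<line>\d+):(?P<col>\d+): runtime error: (?P<msg>.+)$")
# Null-pointer reports read "<kind of access> null pointer of type '<T>'"
NULL_RE = re.compile(r"^(?P<kind>.+?) null pointer of type '(?P<type>[^']+)'")

# Signature taken from the advisory text: source file and pointee type.
ADVISORY_FILE = "IccTagLut.cpp"
ADVISORY_TYPE = "CIccApplyCLUT"

# Constructed sample log; paths and line:column numbers are placeholders.
SAMPLE_LOG = """\
/tmp/build/IccTagLut.cpp:100:10: runtime error: member access within null pointer of type 'CIccApplyCLUT'
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior /tmp/build/IccTagLut.cpp:100:10
/tmp/build/Other.cpp:7:3: runtime error: signed integer overflow: 2147483647 + 1 cannot be represented in type 'int'
/tmp/build/IccTagLut.cpp:100:10: runtime error: member access within null pointer of type 'const CIccApplyCLUT'
"""

def parse_null_reports(log_text):
    """Return one dict per UBSan null-pointer report in the log."""
    reports = []
    for raw in log_text.splitlines():
        rep = REPORT_RE.match(raw.strip())
        null = NULL_RE.match(rep["msg"]) if rep else None
        if not null:
            continue  # SUMMARY lines and other UB kinds are skipped
        # Drop qualifiers so 'const CIccApplyCLUT' and 'CIccApplyCLUT' compare equal.
        pointee = re.sub(r"\b(const|volatile|struct|class)\s+", "", null["type"]).strip()
        reports.append({
            "file": PurePosixPath(rep["file"]).name,
            "line": int(rep["line"]),
            "kind": null["kind"],
            "type": pointee,
        })
    return reports

def advisory_hits(log_text):
    """Count reports matching the advisory signature, keyed by (file, line, type)."""
    return Counter(
        (r["file"], r["line"], r["type"])
        for r in parse_null_reports(log_text)
        if r["file"] == ADVISORY_FILE and r["type"] == ADVISORY_TYPE
    )

if __name__ == "__main__":
    for key, count in advisory_hits(SAMPLE_LOG).items():
        print(key, count)
```

An empty result from `advisory_hits` on the sanitizer log of a build at 2.3.1.6 or later, run against the same input file, is the expected outcome after the fix.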
Remediation
Users can update to version 2.3.1.6 or later to address this vulnerability. Instructions for updating via NPM, Homebrew, Docker, and NixOS are available in the advisory.
