iccDEV Buffer Handling Vulnerability in LUT Processing Functions
Vulnerability
A vulnerability exists in iccDEV versions prior to 2.3.1.6, specifically within the LUT iteration and dumping logic of the CIccCLUT and CIccMBB classes. This flaw leads to incorrect or incomplete output when processing certain ICC color profiles. The issue arises from the CIccCLUT::Iterate() function not properly propagating a buffer-size parameter during its recursive calls, which in turn affects the output generated by CIccMBB::Describe() via CLUT dumping. Additionally, the unpatched version leaves member pointers referencing stack arrays, creating potential safety concerns.
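As an added illustration of the pattern described above (not iccDEV's code; `ClutModel`, `iterateClut` and `dumpClut` are hypothetical names in a simplified model), this C++ example carries the scratch-buffer size through every recursion level and keeps the scratch arrays in the caller's frame, passed by argument rather than stored behind member pointers.

```cpp
#include <cstddef>
#include <cstdio>
#include <string>
#include <vector>

// Hypothetical simplified CLUT model; these names are not iccDEV's API.
struct ClutModel {
  std::vector<unsigned> gridPoints;  // grid points per input dimension
  unsigned outChannels;              // samples per grid node
  std::vector<float> data;           // row-major node samples
};

// Recursively walks input dimension `dim`. The scratch buffer's size travels
// with its pointer at every level; returns false rather than emit a cut line.
bool iterateClut(const ClutModel& c, std::string& out, std::size_t dim,
                 std::size_t pos, std::vector<unsigned>& addr, char* line,
                 std::size_t lineSize) {
  if (dim < c.gridPoints.size()) {
    for (unsigned i = 0; i < c.gridPoints[dim]; ++i) {
      addr[dim] = i;
      // lineSize is forwarded here; the advisory's flaw is a size not passed on.
      if (!iterateClut(c, out, dim + 1, pos * c.gridPoints[dim] + i, addr,
                       line, lineSize))
        return false;
    }
    return true;
  }
  std::size_t used = 0;
  auto put = [&](const char* fmt, double v) {  // bounded append to `line`
    if (used >= lineSize) return false;
    int n = std::snprintf(line + used, lineSize - used, fmt, v);
    if (n < 0 || static_cast<std::size_t>(n) >= lineSize - used) return false;
    used += static_cast<std::size_t>(n);
    return true;
  };
  for (unsigned a : addr) if (!put(" %3.0f", a)) return false;
  for (unsigned ch = 0; ch < c.outChannels; ++ch) {
    std::size_t idx = pos * c.outChannels + ch;  // reject short sample tables
    if (idx >= c.data.size() || !put(" %.4f", c.data[idx])) return false;
  }
  out.append(line, used).push_back('\n');
  return true;
}

// Scratch storage lives in this frame and is passed down by argument.
bool dumpClut(const ClutModel& c, std::string& out, std::size_t lineSize) {
  std::vector<char> line(lineSize);
  std::vector<unsigned> addr(c.gridPoints.size(), 0);
  return iterateClut(c, out, 0, 0, addr, line.data(), lineSize);
}
```

A caller that receives `false` knows the dump is incomplete, instead of getting output with rows silently missing.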
Impact
Exploitation of this vulnerability causes a denial-of-service condition by disrupting the correct processing of LUT data, which can lead to incomplete or erroneous color management operations.
Reproduction
The vulnerability can be reproduced by using the 'iccDumpProfile' tool included with iccDEV. After applying the patch, the tool can successfully process the 'BlacklightPoster_202143.icc' profile without missing data, demonstrating the effectiveness of the fix.
Remediation
Users can update to version 2.3.1.6 or later to address this vulnerability.
