Description
An out-of-bounds read vulnerability exists in the JPEGBITSCodec::InternalCode functionality of Grassroot DICOM 3.024. A specially crafted DICOM file can lead to an information leak. An attacker can provide a malicious file to trigger this vulnerability.The function grayscale_convert is called based of the value of the malicious DICOM file specifying the intended interpretation of the image pixel data
Mitigation
Minimal update. May introduce new vulnerabilities or breaking changes.
|
 debian 11 | | =3.0.10-1 || =3.0.10-1~bpo11+1 || =3.0.11-1 || =3.0.12-1 || =3.0.13-1 || =3.0.13-2 || =3.0.13-2~bpo11+1 || =3.0.13-3 || =3.0.14-1 || =3.0.16-1 || =3.0.17-1 || =3.0.17-1~bpo11+1 || =3.0.17-2 || =3.0.17-3 || =3.0.17-4 || =3.0.17-4~bpo11+1 || =3.0.17-5 || =3.0.20-1 || =3.0.20-2 || =3.0.20-3 || =3.0.20-3+hurd.1 || =3.0.21-1 || =3.0.21-2 || =3.0.22-1 || =3.0.22-2 || =3.0.22-2.1 || =3.0.22-2.1~exp1 || =3.0.22-3 || =3.0.24-1 || =3.0.24-1+hurd.1 || =3.0.24-2 || =3.0.24-3 || =3.0.24-3+hurd.1 || =3.0.24-4 || =3.0.24-5 || =3.0.24-5+hurd.1 || =3.0.24-5+hurd.2 || =3.0.24-6 || =3.0.24-7 || =3.0.24-8 || =3.0.24-9 || =3.0.8-2 || =3.0.8-3 || =3.0.8-4 |
debian 12 | | =3.0.21-1 || =3.0.21-2 || =3.0.22-1 || =3.0.22-2 || =3.0.22-2.1 || =3.0.22-2.1~exp1 || =3.0.22-3 || =3.0.24-1 || =3.0.24-1+hurd.1 || =3.0.24-2 || =3.0.24-3 || =3.0.24-3+hurd.1 || =3.0.24-4 || =3.0.24-5 || =3.0.24-5+hurd.1 || =3.0.24-5+hurd.2 || =3.0.24-6 || =3.0.24-7 || =3.0.24-8 || =3.0.24-9 |
debian 14 | | =3.0.24-5 || =3.0.24-5+hurd.1 || =3.0.24-5+hurd.2 || =3.0.24-6 || =3.0.24-7 || =3.0.24-8 || =3.0.24-9 |
debian 13 | | =3.0.24-5 || =3.0.24-5+hurd.1 || =3.0.24-5+hurd.2 || =3.0.24-6 || =3.0.24-7 || =3.0.24-8 || =3.0.24-9 |
