Description
A vulnerability was detected in AcademySoftwareFoundation OpenImageIO up to 3.2.0.1-dev. This vulnerability affects unknown code of the file src/dds.imageio/ddsinput.cpp of the component DDS Image Handler. The manipulation results in out-of-bounds write. The attack needs to be approached locally. The exploit is now public and may be used. The patch is identified as 94ec2deec3e3bf2f2e2ff84d008e27425d626fe2. Applying a patch is advised to resolve this issue.
Mitigation
Minimal update. May introduce new vulnerabilities or breaking changes.
|
 debian 11 | | =2.2.10.1+dfsg-1 || =2.2.10.1+dfsg-1+deb11u1 || =2.2.13.1+dfsg-1 || =2.2.14.0+dfsg-1 || =2.2.16.0+dfsg-1 || =2.2.17.0+dfsg-1 || =2.2.17.0+dfsg-2 || =2.2.18.0+dfsg-1 || =2.2.18.0+dfsg-2 || =2.3.11.0+dfsg-1 || =2.3.12.0+dfsg-1 || =2.3.14.0+dfsg-1 || =2.3.14.0+dfsg-2 || =2.3.14.0+dfsg-3 || =2.3.17.0+dfsg-1 || =2.3.18.0+dfsg-1 || =2.3.18.0+dfsg-2 || =2.3.18.0+dfsg-3 || =2.3.18.0+dfsg-4 || =2.3.18.0+dfsg-5 || =2.3.18.0+dfsg-6 || =2.3.21.0+dfsg-1 || =2.3.8.0+dfsg-1 || =2.3.9.1+dfsg-1 || =2.4.12.0+dfsg-1 || =2.4.13.0+dfsg-1 || =2.4.14.0+dfsg-1 || =2.4.16.0+dfsg-1 || =2.4.17.0+dfsg-1 || =2.4.17.0+dfsg-1.1 || =2.4.7.1+dfsg-1 || =2.4.7.1+dfsg-2 || =2.4.9.0+dfsg-1 || =2.5.10.1+dfsg-1 || =2.5.12.0+dfsg-1 || =2.5.12.0+dfsg-2 || =2.5.14.0+dfsg-1 || =2.5.15.0+dfsg-1 || =2.5.16.0+dfsg-1 || =2.5.18.0+dfsg-1 || =2.5.19.1+dfsg-1 || =2.5.19.1+dfsg-2 || =2.5.7.0+dfsg-1 |
debian 12 | | =2.4.12.0+dfsg-1 || =2.4.13.0+dfsg-1 || =2.4.14.0+dfsg-1 || =2.4.16.0+dfsg-1 || =2.4.17.0+dfsg-1 || =2.4.17.0+dfsg-1.1 || =2.4.7.1+dfsg-2 || =2.4.9.0+dfsg-1 || =2.5.10.1+dfsg-1 || =2.5.12.0+dfsg-1 || =2.5.12.0+dfsg-2 || =2.5.14.0+dfsg-1 || =2.5.15.0+dfsg-1 || =2.5.16.0+dfsg-1 || =2.5.18.0+dfsg-1 || =2.5.19.1+dfsg-1 || =2.5.19.1+dfsg-2 || =2.5.7.0+dfsg-1 |
debian 13 | | =2.5.18.0+dfsg-1 || =2.5.19.1+dfsg-1 || =2.5.19.1+dfsg-2 |
debian 14 | | =2.5.18.0+dfsg-1 || =2.5.19.1+dfsg-1 || =2.5.19.1+dfsg-2 |
