ProHoster > Blog > internet news > Vulnerability in the libjpeg-turbo library

Vulnerability in the libjpeg-turbo library

ProHoster Hosting - Unlimited hosting with a free website builder

В libjpeg-turbo, a library for encoding and decoding JPEG images, identified vulnerability (CVE-2019-2201), leading to an integer overflow and subsequent corruption of the heap contents when processing JPEG files in a certain way. Potentially, the vulnerability does not exclude the possibility of creating an exploit to organize code execution on the system (the attack requires processing a very large image with a resolution of 26755 x 26755).

Problem without unnecessary publicity fixed in release 2.0.3, but apparently eliminated not completely and additional attack vectors remain. In distributions the problem remains uncorrected (Debian, SUSE/openSUSE, RHEL, Fedora, Ubuntu).

Source: opennet.ru

ProHoster VPS - Affordable and reliable VPS servers with full root access

Buy reliable hosting for sites with DDoS protection, VPS VDS servers 🔥 Buy reliable website hosting with DDoS protection, VPS VDS servers | ProHoster