There exists a stack buffer overflow in libjxl. A...
Moderate severity
Unreviewed
Published
Nov 25, 2024
to the GitHub Advisory Database
•
Updated Nov 25, 2024
Description
Published by the National Vulnerability Database
Nov 25, 2024
Published to the GitHub Advisory Database
Nov 25, 2024
Last updated
Nov 25, 2024
There exists a stack buffer overflow in libjxl. A specifically-crafted file can cause the JPEG XL decoder to use large amounts of stack space (up to 256mb is possible, maybe 512mb), potentially exhausting the stack. An attacker can craft a file that will cause excessive memory usage. We recommend upgrading past commit 65fbec56bc578b6b6ee02a527be70787bbd053b0.
References