Vulnerabilities > CVE-2021-46822 - Out-of-bounds Write vulnerability in Libjpeg-Turbo

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
PARTIAL

Summary

The PPM reader in libjpeg-turbo through 2.0.90 mishandles use of tjLoadImage for loading a 16-bit binary PPM file into a grayscale buffer and loading a 16-bit binary PGM file into an RGB buffer. This is related to a heap-based buffer overflow in the get_word_rgb_row function in rdppm.c.

Vulnerable Configurations

Part Description Count
Application
Libjpeg-Turbo
1

Common Weakness Enumeration (CWE)