18 matches found
Debian DLA-3037-1 : libjpeg-turbo - LTS security update
The remote Debian 9 host has packages installed that are affected by a vulnerability as referenced in the dla-3037 advisory. Several integer overflows have been discovered in TurboJPEG, a JPEG image library, which can lead to a denial of service application crash if someone attempts to compress o...
Huawei EulerOS: Security Advisory for libjpeg-turbo (EulerOS-SA-2021-2396)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP2 : libjpeg-turbo (EulerOS-SA-2021-2396)
According to the versions of the libjpeg-turbo packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Libjpeg-turbo all version have a stack-based buffer overflow in the 'transform' component. A remote attacker can send a malformed jpeg fi...
SUSE: Security Advisory (SUSE-SU-2019:2971-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP3 : libjpeg-turbo (EulerOS-SA-2021-1810)
According to the version of the libjpeg-turbo packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In generatejsimdyccrgbconvertneon of jsimdarm64neon.S, there is a possible out of bounds write due to a missing bounds check. This could lea...
EulerOS 2.0 SP5 : libjpeg-turbo (EulerOS-SA-2021-1686)
According to the version of the libjpeg-turbo packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In generatejsimdyccrgbconvertneon of jsimdarm64neon.S, there is a possible out of bounds write due to a missing bounds check. This could lea...
EulerOS Virtualization for ARM 64 3.0.2.0 : libjpeg-turbo (EulerOS-SA-2021-1405)
According to the version of the libjpeg-turbo package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - In generatejsimdyccrgbconvertneon of jsimdarm64neon.S, there is a possible out of bounds write due to a missing...
EulerOS Virtualization 3.0.2.6 : libjpeg-turbo (EulerOS-SA-2021-1438)
According to the versions of the libjpeg-turbo package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In generatejsimdyccrgbconvertneon of jsimdarm64neon.S, there is a possible out of bounds write due to a missing bounds chec...
EulerOS 2.0 SP8 : libjpeg-turbo (EulerOS-SA-2020-1862)
According to the versions of the libjpeg-turbo packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The tjLoadImage function in libjpeg-turbo 2.0.1 has an integer overflow with a resultant heap-based buffer overflow via a BMP image becau...
SUSE SLED15 / SLES15 Security Update : libjpeg-turbo (SUSE-SU-2019:2971-2)
This update for libjpeg-turbo fixes the following issues : CVE-2019-2201: Several integer overflow issues and subsequent segfaults occurred in libjpeg-turbo, when attempting to compress or decompress gigapixel images. bsc1156402 Note that Tenable Network Security has extracted the preceding...
Security Bulletin: A security vulnerability has been identified in libjpeg-turbo shipped with PowerAI.
Summary Vulnerability CVE-2019-2201 found in libjpeg-turbo package. Vulnerability Details CVEID: CVE-2019-2201 DESCRIPTION: libjpeg-turbo could allow a remote attacker to execute arbitrary code on the system, caused by an integer overflow and subsequent heap corruption. By persuading a victim to...
openSUSE Security Update : libjpeg-turbo (openSUSE-2019-2530)
This update for libjpeg-turbo fixes the following issues : - CVE-2019-2201: Several integer overflow issues and subsequent segfaults occurred in libjpeg-turbo, when attempting to compress or decompress gigapixel images. bsc1156402 This update was imported from the SUSE:SLE-15:Update update projec...
openSUSE: Security Advisory for libjpeg-turbo (openSUSE-SU-2019:2530-1)
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Updated libjpeg packages fix security vulnerability
The updated packages fix a security vulnerability: Several integer overflow issues and subsequent segfaults occur in libjpeg-turbo when attempting to compress or decompress gigapixel images. CVE-2019-2201...
Fedora 31 : libjpeg-turbo (2019-eee0d6c6f8)
Security fix for CVE-2019-2201. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable Network...
SUSE SLED15 / SLES15 Security Update : libjpeg-turbo (SUSE-SU-2019:2971-1)
This update for libjpeg-turbo fixes the following issues : CVE-2019-2201: Several integer overflow issues and subsequent segfaults occurred in libjpeg-turbo, when attempting to compress or decompress gigapixel images. bsc1156402 Note that Tenable Network Security has extracted the preceding...
SUSE-SU-2019:2971-1 Security update for libjpeg-turbo
This update for libjpeg-turbo fixes the following issues: - CVE-2019-2201: Several integer overflow issues and subsequent segfaults occurred in libjpeg-turbo, when attempting to compress or decompress gigapixel images. bsc1156402...
CVE-2019-2201
CVE-2019-2201: Out-of-bounds write in generate_jsimd_ycc_rgb_convert_neon of jsimd_arm64_neon.S can enable remote code execution in unprivileged Android processes (Android 8.0–10). Root cause is a missing bounds check in the NEON path; exploitation requires user interaction. Remediation: Android ...