openEuler Security Advisory openEuler-SA-2021-1268: OpenEXR security update

Advisory ID: openEuler-SA-2021-1268
Publisher: openEuler security committee (openeuler-security@openeuler.org)
Status: Final
Version: 1.0
Initial release date: 2021-07-17
Current release date: 2021-07-17
Revision history: 1.0 (2021-07-17) - Initial
Generator: openEuler SA Tool V1.0 (2021-07-17)
Severity: Medium
Affected product: openEuler-20.03-LTS-SP1
Affected package: OpenEXR

Summary

An update for OpenEXR is now available for openEuler-20.03-LTS-SP1.

Description

OpenEXR is a high dynamic-range (HDR) image file format originally developed by Industrial Light & Magic for use in computer imaging applications.

Security Fix(es):

- There's a flaw in OpenEXR's ImfDeepScanLineInputFile functionality in versions prior to 3.0.5. An attacker who is able to submit a crafted file to an application linked with OpenEXR could cause an out-of-bounds read. The greatest risk from this flaw is to application availability. (CVE-2021-3598)
- An issue was discovered in OpenEXR before 2.4.1. Because of integer overflows in CompositeDeepScanLine::Data::handleDeepFrameBuffer and readSampleCountForLineBlock, an attacker can write to an out-of-bounds pointer. (CVE-2020-11759)
- An issue was discovered in OpenEXR before v2.5.2. Invalid chunkCount attributes could cause a heap buffer overflow in getChunkOffsetTableSize() in IlmImf/ImfMisc.cpp. (CVE-2020-15306)
- An issue was discovered in OpenEXR before 2.4.1. There is an std::vector out-of-bounds read and write, as demonstrated by ImfTileOffsets.cpp. (CVE-2020-11763)
- An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read during Huffman uncompression, as demonstrated by FastHufDecoder::refill in ImfFastHuf.cpp. (CVE-2020-11761)
- An issue was discovered in OpenEXR before 2.4.1. There is an off-by-one error in use of the ImfXdr.h read function by DwaCompressor::Classifier::Classifier, leading to an out-of-bounds read. (CVE-2020-11765)
- An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read during RLE uncompression in rleUncompress in ImfRle.cpp. (CVE-2020-11760)
- An issue was discovered in OpenEXR before 2.5.2. Invalid input could cause a use-after-free in DeepScanLineInputFile::DeepScanLineInputFile() in IlmImf/ImfDeepScanLineInputFile.cpp. (CVE-2020-15305)
- An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read in ImfOptimizedPixelReading.h. (CVE-2020-11758)
- An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds write in copyIntoFrameBuffer in ImfMisc.cpp. (CVE-2020-11764)
- An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read and write in DwaCompressor::uncompress in ImfDwaCompressor.cpp when handling the UNKNOWN compression case. (CVE-2020-11762)

Topic

An update for OpenEXR is now available for openEuler-20.03-LTS-SP1.

Severity

openEuler Security has rated this update as having a security impact of medium. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Affected and updated packages (openEuler-20.03-LTS-SP1)

aarch64:
- OpenEXR-2.2.0-22.oe1.aarch64.rpm
- OpenEXR-libs-2.2.0-22.oe1.aarch64.rpm
- OpenEXR-devel-2.2.0-22.oe1.aarch64.rpm
- OpenEXR-debuginfo-2.2.0-22.oe1.aarch64.rpm
- OpenEXR-debugsource-2.2.0-22.oe1.aarch64.rpm

x86_64:
- OpenEXR-2.2.0-22.oe1.x86_64.rpm
- OpenEXR-libs-2.2.0-22.oe1.x86_64.rpm
- OpenEXR-devel-2.2.0-22.oe1.x86_64.rpm
- OpenEXR-debuginfo-2.2.0-22.oe1.x86_64.rpm
- OpenEXR-debugsource-2.2.0-22.oe1.x86_64.rpm

Source:
- OpenEXR-2.2.0-22.oe1.src.rpm

Vulnerability details

All entries apply to openEuler-20.03-LTS-SP1, were released on 2021-07-17, and are remediated by the "OpenEXR security update" (2021-07-17) described in this advisory. Descriptions are as given under Security Fix(es) above.

| CVE | Severity | CVSS base score | CVSS vector |
| CVE-2021-3598 | Medium | 5.5 | AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
| CVE-2020-11759 | Medium | 5.5 | AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
| CVE-2020-15306 | Medium | 5.5 | AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
| CVE-2020-11763 | Medium | 5.5 | AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
| CVE-2020-11761 | Medium | 5.5 | AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
| CVE-2020-11765 | Medium | 5.5 | AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
| CVE-2020-11760 | Medium | 5.5 | AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
| CVE-2020-15305 | Medium | 5.5 | AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
| CVE-2020-11758 | Medium | 5.5 | AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
| CVE-2020-11764 | Medium | 5.5 | AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
| CVE-2020-11762 | Medium | 5.5 | AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |

References

Advisory:
- https://openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2021-1268

openEuler CVE pages:
- https://openeuler.org/en/security/cve/detail.html?id=CVE-2021-3598
- https://openeuler.org/en/security/cve/detail.html?id=CVE-2020-11759
- https://openeuler.org/en/security/cve/detail.html?id=CVE-2020-15306
- https://openeuler.org/en/security/cve/detail.html?id=CVE-2020-11763
- https://openeuler.org/en/security/cve/detail.html?id=CVE-2020-11761
- https://openeuler.org/en/security/cve/detail.html?id=CVE-2020-11765
- https://openeuler.org/en/security/cve/detail.html?id=CVE-2020-11760
- https://openeuler.org/en/security/cve/detail.html?id=CVE-2020-15305
- https://openeuler.org/en/security/cve/detail.html?id=CVE-2020-11758
- https://openeuler.org/en/security/cve/detail.html?id=CVE-2020-11764
- https://openeuler.org/en/security/cve/detail.html?id=CVE-2020-11762

NVD entries:
- https://nvd.nist.gov/vuln/detail/CVE-2021-3598
- https://nvd.nist.gov/vuln/detail/CVE-2020-11759
- https://nvd.nist.gov/vuln/detail/CVE-2020-15306
- https://nvd.nist.gov/vuln/detail/CVE-2020-11763
- https://nvd.nist.gov/vuln/detail/CVE-2020-11761
- https://nvd.nist.gov/vuln/detail/CVE-2020-11765
- https://nvd.nist.gov/vuln/detail/CVE-2020-11760
- https://nvd.nist.gov/vuln/detail/CVE-2020-15305
- https://nvd.nist.gov/vuln/detail/CVE-2020-11758
- https://nvd.nist.gov/vuln/detail/CVE-2020-11764
- https://nvd.nist.gov/vuln/detail/CVE-2020-11762