Bug 856037 (CVE-2022-34000)

Summary: <media-libs/libjxl-0.7.0_pre20220825: assertion failure (with further impact?)
Product: Gentoo Security
Reporter: John Helmert III <ajak>
Component: Vulnerabilities
Assignee: Gentoo Security <security>
Status: CONFIRMED
Severity: normal
CC: dnovomesky, proxy-maint
Priority: Normal
Keywords: PullRequest
Version: unspecified
Hardware: All
OS: Linux
URL: https://github.com/libjxl/libjxl/issues/1477
See Also: https://github.com/gentoo/gentoo/pull/27119
Whiteboard: B? [stable?]
Package list:
Runtime testing required: ---

Description John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2022-07-03 02:03:53 UTC
CVE-2022-34000:

libjxl 0.6.1 has an assertion failure in LowMemoryRenderPipeline::Init() in render_pipeline/low_memory_render_pipeline.cc.
Comment 1 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2022-08-18 01:04:13 UTC
Looks like this is the patch:

https://github.com/libjxl/libjxl/commit/aff17c4a57eb1e4d7ef00ea728d33cdb5b2ca9da

So I guess we need another prerelease snapshot. The reporter's crash log has this, which *seemingly* indicates bad instructions were being run somehow, though I don't understand how that's possible via an assertion:

[1]    888096 illegal hardware instruction  ./decode_oneshot /tmp/poc /dev/null /dev/null

Maintainer, please bump.
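
One way an assertion failure can produce the "illegal hardware instruction" line quoted in Comment 1, as an added example that is not code from this bug report or from libjxl: an assertion macro built on the compiler builtin `__builtin_trap()` executes a deliberately undefined instruction (`ud2` on x86-64), so the process dies with SIGILL rather than SIGABRT. The macros `ABORT_ASSERT` and `TRAP_ASSERT` and the helper `fatal_signal_of` are hypothetical names; that libjxl's assertion macro works this way is an assumption the page does not confirm.

```c
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Hypothetical macros (not libjxl's): two common ways to implement an assertion. */
#define ABORT_ASSERT(cond) do { if (!(cond)) abort(); } while (0)
#define TRAP_ASSERT(cond)  do { if (!(cond)) __builtin_trap(); } while (0)

static void fail_with_abort(int v) { ABORT_ASSERT(v > 0); }
static void fail_with_trap(int v)  { TRAP_ASSERT(v > 0); }

/* Run fn(arg) in a child process and report how it ended:
 * the number of the signal that killed it, 0 for a normal exit, -1 on error. */
static int fatal_signal_of(void (*fn)(int), int arg)
{
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        fn(arg);      /* does not return if the assertion fails */
        _exit(0);
    }
    int status = 0;
    if (waitpid(pid, &status, 0) != pid)
        return -1;
    return WIFSIGNALED(status) ? WTERMSIG(status) : 0;
}

int main(void)
{
    /* On x86-64 Linux the trap-based variant reports SIGILL, the abort-based one SIGABRT. */
    printf("abort-based assert failed: signal %d\n", fatal_signal_of(fail_with_abort, 0));
    printf("trap-based assert failed:  signal %d\n", fatal_signal_of(fail_with_trap, 0));
    printf("trap-based assert passed:  signal %d\n", fatal_signal_of(fail_with_trap, 1));
    return 0;
}
```

When triaging a crash log, a SIGILL raised at a trap instruction inside an assertion helper is a controlled termination; a SIGILL at an arbitrary address would instead suggest corrupted control flow.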
Comment 2 Daniel Novomeský 2022-09-02 16:26:47 UTC
libjxl is at v0.7rc now but there are some fixes in v0.7.x afterwards.

I am not sure now whether to bump to the release candidate or whether it is better to wait until 0.7.0 is finished.
Comment 3 Larry the Git Cow gentoo-dev 2022-09-14 18:18:33 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=4f8700605508d306aab8214eeb93fd55a00921a2

commit 4f8700605508d306aab8214eeb93fd55a00921a2
Author:     Daniel Novomesky <dnovomesky@gmail.com>
AuthorDate: 2022-09-02 19:43:46 +0000
Commit:     Andreas Sturmlechner <asturm@gentoo.org>
CommitDate: 2022-09-14 18:12:48 +0000

    media-libs/libjxl: version bump to 20220825 snapshot
    
    Bug: https://bugs.gentoo.org/856037
    Package-Manager: Portage-3.0.30, Repoman-3.0.3
    Signed-off-by: Daniel Novomesky <dnovomesky@gmail.com>
    Closes: https://github.com/gentoo/gentoo/pull/27119
    Signed-off-by: Andreas Sturmlechner <asturm@gentoo.org>

 media-libs/libjxl/Manifest                        |  1 +
 media-libs/libjxl/libjxl-0.7.0_pre20220825.ebuild | 74 +++++++++++++++++++++++
 2 files changed, 75 insertions(+)
Comment 4 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2022-09-14 18:31:33 UTC
Thanks! Please stabilize when ready