Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 426938 (CVE-2012-2806) - <media-libs/libjpeg-turbo-1.2.1: Heap-based buffer overflow when decompressing corrupt JPEG images (CVE-2012-2806)
Summary: <media-libs/libjpeg-turbo-1.2.1: Heap-based buffer overflow when decompressin...
Alias: CVE-2012-2806
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
Whiteboard: B2 [glsa]
Depends on:
Reported: 2012-07-17 05:29 UTC by taaroa
Modified: 2012-09-26 11:32 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Description taaroa 2012-07-17 05:29:34 UTC
A Heap-based buffer overflow was found in the way libjpeg-turbo
decompressed certain corrupt JPEG images in which the component count
was erroneously set to a large value. An attacker could create a
specially-crafted JPEG image that, when opened, could cause an
application using libpng to crash or, possibly, execute arbitrary code
with the privileges of the user running the application.


This issue has been assigned CVE-2012-2806.

Upstream release of libjpeg-turbo-1.2.1 resolves this issue.

Reproducible: Always
Comment 1 Samuli Suominen (RETIRED) gentoo-dev 2012-07-17 12:06:26 UTC
Test and stabilize:

=media-libs/libjpeg-turbo-1.2.1 alpha amd64 arm hppa ia64 m68k ppc ppc64 s390 sh sparc x86
Comment 2 SpanKY gentoo-dev 2012-07-17 14:09:15 UTC
btw, this is the same fix that Samuli added to libjpeg-turbo-1.2.0-r2
Comment 3 Johannes Huber gentoo-dev 2012-07-17 14:49:23 UTC
x86 stable
Comment 4 Jeroen Roovers (RETIRED) gentoo-dev 2012-07-17 15:53:41 UTC
Stable for HPPA.
Comment 5 Markos Chandras (RETIRED) gentoo-dev 2012-07-19 18:20:21 UTC
amd64 done
Comment 6 Raúl Porcel (RETIRED) gentoo-dev 2012-07-22 14:39:25 UTC
alpha/arm/ia64/m68k/s390/sh/sparc stable
Comment 7 Samuli Suominen (RETIRED) gentoo-dev 2012-07-31 04:13:33 UTC
ppc/ppc64 done

all arch's done
Comment 8 Sean Amoss (RETIRED) gentoo-dev Security 2012-07-31 11:05:47 UTC
Thanks, everyone.

GLSA draft ready for review.
Comment 9 GLSAMaker/CVETool Bot gentoo-dev 2012-08-14 11:20:14 UTC
CVE-2012-2806 (
  Heap-based buffer overflow in the get_sos function in jdmarker.c in
  libjpeg-turbo 1.2.0 allows remote attackers to cause a denial of service
  (application crash) and possibly execute arbitrary code via a large
  component count in the header of a JPEG image.
Comment 10 GLSAMaker/CVETool Bot gentoo-dev 2012-09-26 11:32:47 UTC
This issue was resolved and addressed in
 GLSA 201209-13 at
by GLSA coordinator Sean Amoss (ackle).