Vulnerabilities Found in JPEG XL Implementation

JPEG XL Implementation in the FFmpeg Package Contains Security Vulnerabilities

Details have been released about two security vulnerabilities in the JPEG XL implementation provided in the FFmpeg package. The vulnerabilities can be exploited to execute attacker code when FFmpeg processes specially crafted images. The issues were addressed in the FFmpeg 6.1 release. Note, however, that the vulnerabilities affect only systems that use experimental builds of FFmpeg 6.1 or that carry changes ported from them [1].

The first vulnerability (CVE-2024-22860) is an integer overflow in the JPEG XL parser, caused by a missing check for values that exceed the range of the int type. The second vulnerability (CVE-2024-22862) is an integer overflow in the jpegxl_anim_read_packet function, which incorrectly used the int64_t type instead of the unsigned uint64_t type. This vulnerability was identified in FFmpeg and has been fixed [2].

Notably, these issues are specific to FFmpeg and do not affect the reference implementation, libjxl [3].
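
The two bug classes described above, shown as an added illustration that is not FFmpeg's code. The function names, the 8-byte big-endian length field and the sample bytes are assumptions made for this example.

```c
#include <limits.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical helper: read a big-endian 64-bit length from untrusted input. */
static uint64_t rb64(const uint8_t *p)
{
    uint64_t v = 0;
    for (int i = 0; i < 8; i++)
        v = (v << 8) | p[i];
    return v;
}

/* Flawed pattern: the length is held in int64_t, so a value with the top bit
 * set becomes negative on common platforms and passes the upper-bound check. */
int length_ok_signed(const uint8_t *field, size_t remaining)
{
    int64_t size = (int64_t)rb64(field);
    return size <= (int64_t)remaining;
}

/* Hardened pattern: keep the length unsigned so huge values are rejected. */
int length_ok_unsigned(const uint8_t *field, size_t remaining)
{
    uint64_t size = rb64(field);
    return size <= (uint64_t)remaining;
}

/* Checked narrowing: refuse a value that does not fit in int instead of
 * letting it truncate or wrap. Returns 0 on success, -1 on rejection. */
int to_int_checked(uint64_t v, int *out)
{
    if (v > (uint64_t)INT_MAX)
        return -1;
    *out = (int)v;
    return 0;
}

int main(void)
{
    /* Constructed sample: a declared length far larger than the 64 bytes left. */
    const uint8_t huge[8] = {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xF0};
    printf("signed check accepts:   %d\n", length_ok_signed(huge, 64));
    printf("unsigned check accepts: %d\n", length_ok_unsigned(huge, 64));
    return 0;
}
```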

References:
[1] CVE-2024-22860
[2] CVE-2024-22862
[3] libjxl