An issue was discovered in libjpeg through 2020021. An uncaught floating point exception in the function ACLosslessScan::ParseMCU() located in aclosslessscan.cpp. It allows an attacker to cause Denial of Service.
The product compares two entities in a security-relevant context, but the comparison is incorrect, which may lead to resultant weaknesses.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Libjpeg | Jpeg | * | 2020021 (including) |
| Libjpeg | Ubuntu | focal | * |
| Libjpeg | Ubuntu | trusty | * |
| Libjpeg | Ubuntu | upstream | * |
| Libjpeg | Ubuntu | xenial | * |
| Libjpeg-turbo | Ubuntu | trusty | * |
| Libjpeg6b | Ubuntu | hirsute | * |
| Libjpeg6b | Ubuntu | trusty | * |
| Libjpeg6b | Ubuntu | xenial | * |
| Libjpeg9 | Ubuntu | hirsute | * |
| Libjpeg9 | Ubuntu | xenial | * |
This Pillar covers several possibilities: