A denial of service vulnerability exists in the DDS native tile reading functionality of OpenImageIO Project OpenImageIO v2.3.19.0 and v2.4.4.2. A specially-crafted .dds can lead to denial of service. An attacker can provide a malicious file to trigger this vulnerability.
A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Openimageio | Openimageio | 2.3.19.0 (including) | 2.3.19.0 (including) |
Openimageio | Openimageio | 2.4.4.2 (including) | 2.4.4.2 (including) |
Openimageio | Ubuntu | bionic | * |
Openimageio | Ubuntu | kinetic | * |
Openimageio | Ubuntu | lunar | * |
Openimageio | Ubuntu | mantic | * |
Openimageio | Ubuntu | trusty | * |
Openimageio | Ubuntu | xenial | * |