Amazon Linux 2023 Security Advisory: ALAS-2023-022
Advisory Release Date: 2023-02-17 20:43 Pacific
Advisory Updated Date: 2024-02-15 02:51 Pacific
2024-02-15: CVE-2021-20304 was added to this advisory.
A flaw was found in OpenEXR's hufDecode functionality. This flaw allows an attacker who can pass a crafted file to be processed by OpenEXR to trigger an undefined right shift error. The highest threat from this vulnerability is to system availability. (CVE-2021-20304)
An integer overflow could occur when OpenEXR processes a crafted file on systems where size_t is less than 64 bits. This issue could cause an invalid bytesPerLine and maxBytesPerLine value, which leads to problems with application stability or other attack paths. (CVE-2021-3933)
In ImfChromaticities.cpp routine RGBtoXYZ(), there are some division operations such as `float Z = (1 - chroma.white.x - chroma.white.y) * Y / chroma.white.y;` and `chroma.green.y * (X + Z))) / d;` but the divisor is not checked for a 0 value. A specially crafted file could trigger a divide-by-zero condition which could affect the availability of programs linked with OpenEXR. (CVE-2021-3941)
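The three issues above share one root cause: a value taken from the file (a shift count, an image width, a chromaticity coordinate) is used in arithmetic without being validated first. The following C++ is an added example, not OpenEXR's code and not the patch shipped in this update; the struct names, function names and simplified formulas are assumptions chosen to mirror each defect class, with the Z expression taken from the advisory text. Each helper rejects the hostile value up front and returns an empty optional instead of performing the undefined or overflowing operation.

```cpp
// Added example, not OpenEXR's code: struct and function names and the
// simplified formulas are assumptions that mirror the three defect classes in
// this advisory (unchecked right shift, size_t overflow, unchecked divisor).
// Every value that originates in the file is treated as hostile.
#include <cmath>
#include <cstddef>
#include <cstdint>
#include <limits>
#include <optional>

// CVE-2021-20304 class: a shift count read from the file must be validated
// before use. Shifting a 32-bit value by 32 or more, or by a negative count,
// is undefined behaviour in C++, so the check is on the count, not the value.
static std::optional<std::uint32_t> checkedShiftRight(std::uint32_t value, int count)
{
    if (count < 0 || count >= 32) return std::nullopt;
    return value >> count;
}

// CVE-2021-3933 class: width * bytesPerPixel wraps on a 32-bit size_t for a
// crafted width. Test the bound before multiplying, not after.
static std::optional<std::size_t> checkedBytesPerLine(std::size_t width, std::size_t bytesPerPixel)
{
    if (bytesPerPixel == 0) return std::nullopt;
    if (width > std::numeric_limits<std::size_t>::max() / bytesPerPixel) return std::nullopt;
    return width * bytesPerPixel;
}

// CVE-2021-3941 class: a divisor derived from file data (white.y below) must be
// rejected when zero; NaN and infinite divisors are rejected for the same reason.
static std::optional<float> checkedDiv(float num, float den)
{
    if (den == 0.0f || !std::isfinite(den)) return std::nullopt;
    return num / den;
}

struct Xy { float x; float y; };
struct Chromaticities { Xy white; };   // only the white point is needed here (assumption)
struct Xyz { float X; float Y; float Z; };

// Simplified white-point-to-XYZ step. The Z expression is the one quoted in the
// advisory; the unfixed library divided by chroma.white.y unconditionally.
static std::optional<Xyz> whiteToXYZ(const Chromaticities& chroma, float Y)
{
    auto X = checkedDiv(chroma.white.x * Y, chroma.white.y);
    auto Z = checkedDiv((1 - chroma.white.x - chroma.white.y) * Y, chroma.white.y);
    if (!X || !Z) return std::nullopt;   // crafted white point: refuse the file
    return Xyz{*X, Y, *Z};
}
```

A caller that receives `std::nullopt` from any of these helpers should treat the file as malformed and stop decoding; that is the availability property the fixed packages restore. Compile with `-std=c++17` or later for `std::optional`.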
Affected Packages:
openexr
Issue Correction:
Run dnf update openexr --releasever=2023.0.20230222 to update your system.
aarch64:
openexr-libs-debuginfo-3.1.5-1.amzn2023.0.3.aarch64
openexr-debuginfo-3.1.5-1.amzn2023.0.3.aarch64
openexr-3.1.5-1.amzn2023.0.3.aarch64
openexr-libs-3.1.5-1.amzn2023.0.3.aarch64
openexr-devel-3.1.5-1.amzn2023.0.3.aarch64
openexr-debugsource-3.1.5-1.amzn2023.0.3.aarch64
src:
openexr-3.1.5-1.amzn2023.0.3.src
x86_64:
openexr-libs-debuginfo-3.1.5-1.amzn2023.0.3.x86_64
openexr-3.1.5-1.amzn2023.0.3.x86_64
openexr-libs-3.1.5-1.amzn2023.0.3.x86_64
openexr-debuginfo-3.1.5-1.amzn2023.0.3.x86_64
openexr-debugsource-3.1.5-1.amzn2023.0.3.x86_64
openexr-devel-3.1.5-1.amzn2023.0.3.x86_64