libjpeg-turbo 2.0.4, and mozjpeg 4.0.0, has a heap-based buffer over-read in get_rgb_row() in rdppm.c via a malformed PPM input file.

NIST reports :

- Heap-based buffer over-read in get_rgb_row() in rdppm.c via a malformed PPM input file.

libjpeg-turbo releases reports :

This release fixes the following security issue :

- Heap-based buffer over-read in get_rgb_row() in rdppm.c via a malformed PPM input file.

According to the versions of the libjpeg-turbo packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :

  - In IJG JPEG (aka libjpeg) before 9d,     jpeg_mem_available() in jmemnobs.c in djpeg does not     honor the max_memory_to_use setting, possibly causing     excessive memory consumption.(CVE-2020-14152)

  - CodeIgniter through 4.0.0 allows remote attackers to     gain privileges via a modified Email ID to the 'Select     Role of the User' page. NOTE: A contributor to the     CodeIgniter framework argues that the issue should not     be attributed to CodeIgniter. Furthermore, the blog     post reference shows an unknown website built with the     CodeIgniter framework but that CodeIgniter is not     responsible for introducing this issue because the     framework has never provided a login screen, nor any     kind of login or user management facilities beyond a     Session library.(CVE-2020-13790)

Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

According to the version of the libjpeg-turbo packages installed, the EulerOS installation on the remote host is affected by the following vulnerability :

  - libjpeg-turbo 2.0.4, and mozjpeg 4.0.0, has a     heap-based buffer over-read in get_rgb_row() in rdppm.c     via a malformed PPM input file.(CVE-2020-13790)

Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

The remote host is affected by the vulnerability described in GLSA-202010-03 (libjpeg-turbo: Information disclosure)

    It was discovered that libjpeg-turbo incorrectly handled certain PPM       files.
  Impact :

    A remote attacker could entice a user to open a specially crafted PPM       file using an application linked against libjpeg-turbo, possibly allowing       attacker to obtain sensitive information.
  Workaround :

    There is no known workaround at this time.

This update for libjpeg-turbo fixes the following issues :

  - CVE-2020-13790: Fixed a heap-based buffer over-read via     a malformed PPM input file (bsc#1172491).

This update was imported from the SUSE:SLE-15:Update update project.

This update for libjpeg-turbo fixes the following issues :

CVE-2020-13790: Fixed a heap-based buffer over-read via a malformed PPM input file (bsc#1172491).

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

According to the versions of the libjpeg-turbo package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities :

  - libjpeg-turbo 2.0.4, and mozjpeg 4.0.0, has a     heap-based buffer over-read in get_rgb_row() in rdppm.c     via a malformed PPM input file.(CVE-2020-13790)

  - In IJG JPEG (aka libjpeg) before 9d,     jpeg_mem_available() in jmemnobs.c in djpeg does not     honor the max_memory_to_use setting, possibly causing     excessive memory consumption.(CVE-2020-14152)

Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

According to the versions of the libjpeg-turbo packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :

  - In IJG JPEG (aka libjpeg) before 9d,     jpeg_mem_available() in jmemnobs.c in djpeg does not     honor the max_memory_to_use setting, possibly causing     excessive memory consumption.(CVE-2020-14152)

  - CodeIgniter through 4.0.0 allows remote attackers to     gain privileges via a modified Email ID to the 'Select     Role of the User' page. NOTE: A contributor to the     CodeIgniter framework argues that the issue should not     be attributed to CodeIgniter. Furthermore, the blog     post reference shows an unknown website built with the     CodeIgniter framework but that CodeIgniter is not     responsible for introducing this issue because the     framework has never provided a login screen, nor any     kind of login or user management facilities beyond a     Session library.(CVE-2020-13790)

Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

According to the version of the libjpeg-turbo package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability :

  - libjpeg-turbo 2.0.4, and mozjpeg 4.0.0, has a     heap-based buffer over-read in get_rgb_row() in rdppm.c     via a malformed PPM input file.(CVE-2020-13790)

Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Several vulnerabilities were fixed in libjpeg-turbo, a widely used library for handling JPEG files.

CVE-2018-1152

Denial of service vulnerability caused by a divide by zero when processing a crafted BMP image in TJBench.

CVE-2018-14498

Denial of service (heap-based buffer over-read and application crash) via a crafted 8-bit BMP in which one or more of the color indices is out of range for the number of palette entries.

CVE-2020-13790

Heap-based buffer over-read via a malformed PPM input file.

CVE-2020-14152

jpeg_mem_available() did not honor the max_memory_to_use setting, possibly causing excessive memory consumption.

For Debian 9 stretch, these problems have been fixed in version 1:1.5.1-2+deb9u1.

We recommend that you upgrade your libjpeg-turbo packages.

For the detailed security status of libjpeg-turbo please refer to its security tracker page at:
https://security-tracker.debian.org/tracker/libjpeg-turbo

NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Security fix for CVE-2020-13790

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

New libjpeg-turbo packages are available for Slackware 14.2 and
-current to fix a security issue.

An update of the libjpeg package has been released.

It was discovered that libjpeg-turbo incorrectly handled certain PPM files. An attacker could possibly use this issue to access sensitive information.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

ID	Name	Product	Family	Severity
142952	FreeBSD : mozjpeg -- heap-based buffer over-read in get_rgb_row() in rdppm.c via a malformed PPM input file (040707f9-0b2a-11eb-8834-00155d01f202)	Nessus	FreeBSD Local Security Checks	high
142946	FreeBSD : libjpeg-turbo -- Issue in the PPM reader causing a buffer overrun in cjpeg, TJBench, or the tjLoadImage() function. (23a667c7-0b28-11eb-8834-00155d01f202)	Nessus	FreeBSD Local Security Checks	high
142536	EulerOS Virtualization 3.0.6.6 : libjpeg-turbo (EulerOS-SA-2020-2457)	Nessus	Huawei Local Security Checks	high
142314	EulerOS 2.0 SP2 : libjpeg-turbo (EulerOS-SA-2020-2359)	Nessus	Huawei Local Security Checks	high
141735	GLSA-202010-03 : libjpeg-turbo: Information disclosure	Nessus	Gentoo Local Security Checks	high
140893	EulerOS 2.0 SP3 : libjpeg-turbo (EulerOS-SA-2020-2126)	Nessus	Huawei Local Security Checks	high
140686	openSUSE Security Update : libjpeg-turbo (openSUSE-2020-1458)	Nessus	SuSE Local Security Checks	high
140571	openSUSE Security Update : libjpeg-turbo (openSUSE-2020-1413)	Nessus	SuSE Local Security Checks	high
140448	SUSE SLES12 Security Update : libjpeg-turbo (SUSE-SU-2020:2570-1)	Nessus	SuSE Local Security Checks	high
140447	SUSE SLED15 / SLES15 Security Update : libjpeg-turbo (SUSE-SU-2020:2569-1)	Nessus	SuSE Local Security Checks	high
140319	EulerOS Virtualization for ARM 64 3.0.2.0 : libjpeg-turbo (EulerOS-SA-2020-1949)	Nessus	Huawei Local Security Checks	high
140160	EulerOS 2.0 SP5 : libjpeg-turbo (EulerOS-SA-2020-1939)	Nessus	Huawei Local Security Checks	high
140013	EulerOS Virtualization for ARM 64 3.0.6.0 : libjpeg-turbo (EulerOS-SA-2020-1910)	Nessus	Huawei Local Security Checks	high
139245	Debian DLA-2302-1 : libjpeg-turbo security update	Nessus	Debian Local Security Checks	high
139140	EulerOS 2.0 SP8 : libjpeg-turbo (EulerOS-SA-2020-1810)	Nessus	Huawei Local Security Checks	high
137844	Fedora 32 : mingw-libjpeg-turbo (2020-86fa578c8d)	Nessus	Fedora Local Security Checks	high
137823	Slackware 14.2 / current : libjpeg-turbo (SSA:2020-176-02)	Nessus	Slackware Local Security Checks	high
137782	Photon OS 3.0: Libjpeg PHSA-2020-3.0-0104	Nessus	PhotonOS Local Security Checks	high
137717	Photon OS 2.0: Libjpeg PHSA-2020-2.0-0254	Nessus	PhotonOS Local Security Checks	high
137689	Fedora 32 : libjpeg-turbo (2020-f09ecf5985)	Nessus	Fedora Local Security Checks	high
137296	Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : libjpeg-turbo vulnerability (USN-4386-1)	Nessus	Ubuntu Local Security Checks	high

Detections

Analytics

CVE-2020-13790

high

Tenable Plugins

high

high

high

high

high

high

high

high

high

high

high

high

high

high

high

high

high

high

high

high

high