Bug ID	1227170
Summary	VUL-0: CVE-2024-24792: neonmodem: golang.org/x/image/tiff: parsing of a corrupt or malicious image with invalid color indices can cause a panic
Classification	openSUSE
Product	openSUSE Distribution
Version	Leap 15.6
Hardware	Other
URL	https://smash.suse.de/issue/412299/
OS	Other
Status	NEW
Severity	Normal
Priority	P5 - None
Component	Security
Assignee	jkowalczyk@suse.com
Reporter	camila.matos@suse.com
QA Contact	security-team@suse.de
CC	camila.matos@suse.com, security-team@suse.de, smash_bz@suse.de
Blocks	1227158
Target Milestone	---
Found By	Security Response Team
Blocker	---

+++ This bug was initially created as a clone of Bug #1227158 +++

Parsing a corrupt or malicious image with invalid color indices can cause a
panic.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-24792
https://www.cve.org/CVERecord?id=CVE-2024-24792
https://go.dev/cl/588115
https://go.dev/issue/67624
https://pkg.go.dev/vuln/GO-2024-2937

You are receiving this mail because:

You are on the CC list for the bug.