Bug ID 1227158
Summary VUL-0: CVE-2024-24792: app-builder: golang.org/x/image/tiff: parsing of a corrupt or malicious image with invalid color indices can cause a panic
Classification openSUSE
Product openSUSE Distribution
Version Leap 15.6
Hardware Other
URL https://smash.suse.de/issue/412299/
OS Other
Status NEW
Severity Normal
Priority P5 - None
Component Security
Assignee brunopitrus@hotmail.com
Reporter smash_bz@suse.de
QA Contact security-team@suse.de
CC camila.matos@suse.com
Target Milestone ---
Found By Security Response Team
Blocker ---

Parsing a corrupt or malicious image with invalid color indices can cause a
panic.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-24792
https://www.cve.org/CVERecord?id=CVE-2024-24792
https://go.dev/cl/588115
https://go.dev/issue/67624
https://pkg.go.dev/vuln/GO-2024-2937


You are receiving this mail because: