DescriptionMultiple memory corruption vulnerabilities exist in the IFFOutput alignment padding functionality of OpenImageIO Project OpenImageIO v220.127.116.11. A specially crafted ImageOutput Object can lead to arbitrary code execution. An attacker can provide malicious input to trigger these vulnerabilities.This vulnerability arises when the `m_spec.format` is `TypeDesc::UINT8`.
Overall state of this security issue: Does not affect SUSE products
This issue is currently rated as having not set severity.No SUSE Bugzilla entries cross referenced. No SUSE Security Announcements cross referenced.
List of released packages
|Product(s)||Fixed package version(s)||References|
|openSUSE Tumbleweed|| ||Patchnames: |
openSUSE Tumbleweed GA OpenImageIO-18.104.22.168-1.1
SUSE Timeline for this CVECVE page created: Fri Dec 23 01:00:50 2022
CVE page last modified: Sat Dec 31 01:26:13 2022