Platform: c
Component: libjxl
Fixed in: 0.6.1
CVE-2021-22564 describes an out-of-bounds write vulnerability discovered in libjxl, a JPEG XL image codec library. This flaw allows a malicious actor to craft a JPEG XL image that, when decoded, can trigger a heap buffer overflow, potentially leading to a denial-of-service condition. The vulnerability affects versions of libjxl up to and including 0.6.0. Users are strongly advised to upgrade to a patched version of libjxl to address this security concern.
An attacker could exploit this vulnerability by providing a specially crafted JPEG XL image to an application using libjxl for decoding. The image's size, combined with the order in which groups are processed during multi-threaded decoding, can trigger an out-of-bounds write to the heap. This can overwrite critical memory regions, potentially leading to application crashes, arbitrary code execution, or other unpredictable behavior. The impact is particularly concerning in environments where libjxl is used to process untrusted image data, such as web servers or image processing pipelines. While the description doesn't explicitly mention remote code execution, heap overflows can often be leveraged for such attacks, depending on the surrounding code and memory layout.
CVE-2021-22564 was publicly disclosed on November 1, 2021. There is no indication of active exploitation campaigns targeting this vulnerability. The vulnerability is not currently listed on the CISA KEV catalog. Public proof-of-concept exploits are not widely available, suggesting a relatively low probability of near-term exploitation, but the potential for heap-based attacks remains a concern.
Applications and systems that rely on libjxl to decode JPEG XL images are at risk. This includes image processing software, web servers serving JPEG XL content, and embedded devices using libjxl for image handling. Systems that process user-uploaded images are particularly vulnerable, as they are more likely to encounter malicious files.
• linux / server: Monitor libjxl process memory usage for unusual spikes during image decoding. Use lsof or ss to identify processes using libjxl and investigate any suspicious network connections.
lsof -p $(pidof libjxl)
• generic web: Examine web server access logs for requests containing JPEG XL images with unusually large file sizes. Check error logs for any crashes or exceptions related to libjxl during image processing.
grep 'libjxl' /var/log/nginx/error.log
Disclosure
Exploit status
EPSS: 0.04% (13th percentile)
CVSS vector
The primary mitigation for CVE-2021-22564 is to upgrade to a patched version of libjxl. The vendor has not specified a fixed version, but upgrading to the latest available release is recommended. If upgrading is not immediately feasible, consider implementing input validation to reject JPEG XL images with sizes that could trigger the vulnerability. While a WAF or proxy cannot directly prevent this vulnerability, they can be configured to block known malicious JPEG XL files or patterns. There are no specific Sigma or YARA rules available for this vulnerability at this time, but monitoring memory usage and heap activity during image decoding can help detect potential exploitation attempts. After upgrading, confirm the fix by attempting to decode a known malicious JPEG XL image (if available) and verifying that no crash or unexpected behavior occurs.
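The input-validation workaround above (rejecting JPEG XL images whose declared size is suspicious before they reach the decoder) can be done without calling libjxl at all, because the image dimensions sit in the first few bytes of the codestream. The following is an added example written for this page, not code from the advisory or from the libjxl project: it parses the JPEG XL SizeHeader with a LSB-first bit reader, unwraps the ISOBMFF container (jxlc box, or the first jxlp box) when present, and refuses to hand the file to a decoder if the declared pixel count exceeds a policy limit. The limit MAX_PIXELS, the function names and the sample headers are all assumptions constructed here; the advisory gives no specific size threshold, so the value is a policy knob, and the gate is a defence-in-depth measure alongside upgrading, not a replacement for it.

```python
"""Pre-decode size gate for JPEG XL files (added example, not project code).

Reads only the SizeHeader of a JPEG XL codestream and rejects files whose
declared dimensions exceed MAX_PIXELS before the native decoder ever sees
them. MAX_PIXELS is an assumed policy value, not a figure from the advisory.
"""

MAX_PIXELS = 50_000_000  # assumed policy limit; tune for your workload

CODESTREAM_SIG = b"\xff\x0a"                               # bare codestream
CONTAINER_SIG = b"\x00\x00\x00\x0cJXL \x0d\x0a\x87\x0a"   # ISOBMFF signature box

# ratio field -> xsize as (numerator, denominator) of ysize
RATIOS = {1: (1, 1), 2: (12, 10), 3: (4, 3), 4: (3, 2),
          5: (16, 9), 6: (5, 4), 7: (2, 1)}


class BitReader:
    """LSB-first bit reader, the bit order used by the JPEG XL codestream."""

    def __init__(self, data: bytes):
        self.data = data
        self.pos = 0  # bit position

    def read(self, n: int) -> int:
        if self.pos + n > len(self.data) * 8:
            raise ValueError("truncated header")
        value = 0
        for k in range(n):
            value |= ((self.data[self.pos >> 3] >> (self.pos & 7)) & 1) << k
            self.pos += 1
        return value

    def u32(self, *dists) -> int:
        """U32 field: a 2-bit selector picks one of four (bits, offset) encodings."""
        bits, offset = dists[self.read(2)]
        return self.read(bits) + offset


def parse_size_header(codestream: bytes):
    """Return (xsize, ysize) declared by a raw JPEG XL codestream."""
    if not codestream.startswith(CODESTREAM_SIG):
        raise ValueError("not a JPEG XL codestream")
    br = BitReader(codestream[2:])
    big = (9, 1), (13, 1), (18, 1), (30, 1)
    small = br.read(1)
    ysize = (br.read(5) + 1) * 8 if small else br.u32(*big)
    ratio = br.read(3)
    if ratio == 0:
        xsize = (br.read(5) + 1) * 8 if small else br.u32(*big)
    else:
        num, den = RATIOS[ratio]
        xsize = ysize * num // den
    return xsize, ysize


def extract_codestream(data: bytes) -> bytes:
    """Return the codestream from a bare file or from a container (jxlc / first jxlp box)."""
    if data.startswith(CODESTREAM_SIG):
        return data
    if not data.startswith(CONTAINER_SIG):
        raise ValueError("unrecognised JPEG XL signature")
    pos = len(CONTAINER_SIG)
    while pos + 8 <= len(data):
        size = int.from_bytes(data[pos:pos + 4], "big")
        btype = data[pos + 4:pos + 8]
        header = 8
        if size == 1:                      # 64-bit extended box size
            size = int.from_bytes(data[pos + 8:pos + 16], "big")
            header = 16
        elif size == 0:                    # box runs to end of file
            size = len(data) - pos
        if size < header:
            raise ValueError("malformed box")
        payload = data[pos + header:pos + size]
        if btype == b"jxlc":
            return payload
        if btype == b"jxlp" and (int.from_bytes(payload[:4], "big") & 0x7FFFFFFF) == 0:
            return payload[4:]             # partial codestream box index 0 holds the header
        pos += size
    raise ValueError("no codestream box found")


def gate(data: bytes, max_pixels: int = MAX_PIXELS) -> dict:
    """Decide whether a file may be handed to the JPEG XL decoder."""
    try:
        xsize, ysize = parse_size_header(extract_codestream(data))
    except ValueError as exc:
        return {"allow": False, "reason": str(exc)}
    if xsize * ysize > max_pixels:
        return {"allow": False, "reason": f"{xsize}x{ysize} exceeds pixel limit",
                "xsize": xsize, "ysize": ysize}
    return {"allow": True, "reason": "ok", "xsize": xsize, "ysize": ysize}


# Constructed sample headers (signature plus SizeHeader only, no image data).
SMALL_64x48 = b"\xff\x0a\x0b\x0e"              # small form: 64x48
HUGE_65536_SQUARE = b"\xff\x0a\xfc\xff\x27"    # big form: 65536x65536, ratio 1:1
CONTAINER_64x48 = CONTAINER_SIG + b"\x00\x00\x00\x0cjxlc" + SMALL_64x48

if __name__ == "__main__":
    for name, blob in [("small", SMALL_64x48), ("huge", HUGE_65536_SQUARE),
                       ("container", CONTAINER_64x48), ("not-jxl", b"GIF89a")]:
        print(name, gate(blob))
```

Run the gate on every upload before the decoder is invoked; anything it rejects never reaches libjxl, and the returned reason can be logged alongside the error-log checks listed under detection. Files the gate cannot classify (bad signature, truncated header, unknown box layout) are rejected rather than passed through, because the decoder is the component under suspicion.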
Update the libjxl library to a version later than 0.6.0. Alternatively, apply the patch provided at https://github.com/libjxl/libjxl/pull/775 to fix the vulnerability.
CVE-2021-22564 is a medium severity vulnerability in libjxl versions up to 0.6.0 that allows a crafted JPEG XL image to trigger a heap buffer overflow, potentially leading to denial of service.
You are affected if you are using libjxl version 0.6.0 or earlier and process untrusted JPEG XL images.
Upgrade to a patched version of libjxl. Consult the libjxl project's website for the latest release and instructions.
There is currently no evidence of active exploitation campaigns targeting CVE-2021-22564.
Refer to the libjxl project's security advisories or GitHub repository for updates and information related to CVE-2021-22564.