A vulnerability in the get_8bit_row function of libjpeg-turbo could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on a targeted system.
The vulnerability exists in the get_8bit_row function, as defined in the rdbmp.c source code file of the affected software, and is due to improper processing of 8-bit .bmp files in which one or more of the color indices are out of range for the number of palette entries. An attacker could exploit this vulnerability by persuading a user to access an 8-bit .bmp file that delivers malicious input to the targeted system. A successful exploit could trigger a heap-based buffer over-read condition that causes the affected software to crash, resulting in a DoS condition.
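The missing check described above, shown as an added example rather than code from libjpeg-turbo or its fix: a simplified palette expansion routine that validates each 8-bit color index against the declared palette size before the lookup. The function names, return codes and sample data are hypothetical and constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical names for illustration; this is not rdbmp.c. */
enum { ROW_OK = 0, ROW_BAD_INDEX = -1 };

/* Expand one row of 8-bit palette indices into RGB triples.
 * palette holds cmap_len entries of 3 bytes each. A pixel byte can be
 * 0..255 while the file declares fewer entries, so each index is
 * checked before it is used as an offset into the palette buffer. */
int expand_8bit_row(const uint8_t *indices, size_t width,
                    const uint8_t *palette, size_t cmap_len, uint8_t *rgb_out)
{
    for (size_t x = 0; x < width; x++) {
        size_t idx = indices[x];
        if (idx >= cmap_len)
            return ROW_BAD_INDEX;   /* reject instead of reading past the palette */
        rgb_out[3 * x + 0] = palette[3 * idx + 0];
        rgb_out[3 * x + 1] = palette[3 * idx + 1];
        rgb_out[3 * x + 2] = palette[3 * idx + 2];
    }
    return ROW_OK;
}

/* Constructed sample data: a 4-entry palette (black, red, green, blue). */
static const uint8_t sample_palette[4 * 3] =
    {0, 0, 0,   255, 0, 0,   0, 255, 0,   0, 0, 255};

int demo_valid_row(void)
{
    const uint8_t row[4] = {0, 1, 2, 3};      /* all indices < 4 */
    uint8_t out[4 * 3];
    return expand_8bit_row(row, 4, sample_palette, 4, out);
}

int demo_out_of_range_row(void)
{
    const uint8_t row[4] = {0, 1, 200, 3};    /* 200 >= 4 palette entries */
    uint8_t out[4 * 3];
    return expand_8bit_row(row, 4, sample_palette, 4, out);
}

int main(void)
{
    printf("valid row: %d\n", demo_valid_row());
    printf("out-of-range row: %d\n", demo_out_of_range_row());
    return 0;
}
```

Without the `idx >= cmap_len` test, the index 200 would read 600 bytes into a 12-byte palette, which is the over-read class the advisory describes.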
Proof-of-concept (PoC) code that demonstrates an exploit of this vulnerability is publicly available.
libjpeg-turbo has confirmed the vulnerability and released software updates.
Security Impact Rating: Medium