{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-5841", "assignerOrgId": "26969f82-7e87-44d8-9cb5-f6fb926ddd43", "state": "PUBLISHED", "assignerShortName": "AHA", "dateReserved": "2023-10-29T23:41:19.153Z", "datePublished": "2024-02-01T18:28:05.892Z", "dateUpdated": "2025-02-13T17:25:51.153Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "OpenEXR", "vendor": "Academy Software Foundation", "versions": [{"lessThanOrEqual": "3.2.1", "status": "affected", "version": "0", "versionType": "semver"}, {"status": "unaffected", "version": "3.2.2"}, {"status": "unaffected", "version": "3.1.12"}]}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "zenofex"}, {"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "WanderingGlitch"}, {"lang": "en", "type": "coordinator", "user": "00000000-0000-4000-9000-000000000000", "value": "Austin Hackers Anonymous!"}], "datePublic": "2024-01-31T22:35:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Due to a failure in validating the number of scanline samples of a OpenEXR file containing deep scanline data, Academy Software Foundation OpenEX&nbsp;image parsing library version 3.2.1 and prior is susceptible to a heap-based buffer overflow vulnerability. This issue was resolved as of versions&nbsp;<span style=\"background-color: rgb(255, 255, 255);\">v3.2.2 and v3.1.12 of the affected library.</span><br>"}], "value": "Due to a failure in validating the number of scanline samples of a OpenEXR file containing deep scanline data, Academy Software Foundation OpenEX\u00a0image parsing library version 3.2.1 and prior is susceptible to a heap-based buffer overflow vulnerability. This issue was resolved as of versions\u00a0v3.2.2 and v3.1.12 of the affected library."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-122", "description": "CWE-122: Heap-based Buffer Overflow", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "26969f82-7e87-44d8-9cb5-f6fb926ddd43", "shortName": "AHA", "dateUpdated": "2024-02-25T02:06:23.585Z"}, "references": [{"url": "https://takeonme.org/cves/CVE-2023-5841.html"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LSB6DB5LAKGPLRXEF5HDNGUMT7GIFT2C/"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XWMINVKQLSUHECXBSQMZFCSDRIHFOJJI/"}], "source": {"discovery": "EXTERNAL"}, "title": "OpenEXR Heap Overflow in Scanline Deep Data Parsing", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T08:14:24.651Z"}, "title": "CVE Program Container", "references": [{"url": "https://takeonme.org/cves/CVE-2023-5841.html", "tags": ["x_transferred"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LSB6DB5LAKGPLRXEF5HDNGUMT7GIFT2C/", "tags": ["x_transferred"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XWMINVKQLSUHECXBSQMZFCSDRIHFOJJI/", "tags": ["x_transferred"]}]}]}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:openexr:openexr:*:*:*:*:*:*:*:*", "matchCriteriaId": "95B42B05-2815-4CB0-99A1-B19F587AA13C", "versionEndIncluding": "3.2.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Due to a failure in validating the number of scanline samples of a OpenEXR file containing deep scanline data, Academy Software Foundation OpenEX\u00a0image parsing library version 3.2.1 and prior is susceptible to a heap-based buffer overflow vulnerability. This issue was resolved as of versions\u00a0v3.2.2 and v3.1.12 of the affected library."}, {"lang": "es", "value": "Debido a un fallo en la validaci\u00f3n del n\u00famero de muestras de l\u00edneas de escaneo de un archivo OpenEXR que contiene datos de l\u00edneas de escaneo profundas, la librer\u00eda de an\u00e1lisis de im\u00e1genes Academy Software Foundation OpenEX versi\u00f3n 3.2.1 y anteriores es susceptible a una vulnerabilidad de desbordamiento de b\u00fafer en la regi\u00f3n Heap de la memoria."}], "id": "CVE-2023-5841", "lastModified": "2025-02-13T18:16:01.580", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-02-01T19:15:08.097", "references": [{"source": "cve@takeonme.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LSB6DB5LAKGPLRXEF5HDNGUMT7GIFT2C/"}, {"source": "cve@takeonme.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XWMINVKQLSUHECXBSQMZFCSDRIHFOJJI/"}, {"source": "cve@takeonme.org", "tags": ["Exploit", "Third Party Advisory"], "url": "https://takeonme.org/cves/CVE-2023-5841.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LSB6DB5LAKGPLRXEF5HDNGUMT7GIFT2C/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XWMINVKQLSUHECXBSQMZFCSDRIHFOJJI/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory"], "url": "https://takeonme.org/cves/CVE-2023-5841.html"}], "sourceIdentifier": "cve@takeonme.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-122"}], "source": "cve@takeonme.org", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2024:8800", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "openexr-0:3.1.1-2.el9_4.1", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-11-04T00:00:00Z"}, {"advisory": "RHSA-2024:9548", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "openexr-0:3.1.1-2.el9_5.1", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-11-13T00:00:00Z"}, {"advisory": "RHSA-2024:8802", "cpe": "cpe:/a:redhat:rhel_e4s:9.0", "package": "openexr-0:3.1.1-2.el9_0.1", "product_name": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions", "release_date": "2024-11-04T00:00:00Z"}, {"advisory": "RHSA-2024:8801", "cpe": "cpe:/a:redhat:rhel_eus:9.2", "package": "openexr-0:3.1.1-2.el9_2.1", "product_name": "Red Hat Enterprise Linux 9.2 Extended Update Support", "release_date": "2024-11-04T00:00:00Z"}], "bugzilla": {"description": "OpenEXR: Heap Overflow in Scanline Deep Data Parsing", "id": "2262397", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2262397"}, "csaw": false, "cvss3": {"cvss3_base_score": "9.1", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "status": "verified"}, "cwe": "CWE-122", "details": ["Due to a failure in validating the number of scanline samples of a OpenEXR file containing deep scanline data, Academy Software Foundation OpenEX\u00a0image parsing library version 3.2.1 and prior is susceptible to a heap-based buffer overflow vulnerability. This issue was resolved as of versions\u00a0v3.2.2 and v3.1.12 of the affected library.", "A vulnerability was found in the Academy Software Foundation OpenEXR and requires that a malicious EXR file image is parsed by the target device or environment using OpenEXR. This issue occurs due to a failure in validating the number of scanline samples of an OpenEXR file containing deep scanline data, allowing a read or write primitive based on the provided EXR file attributes. This flaw could be used to read or write memory to a compromised device through an attacker-placed EXR image."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2023-5841", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "OpenEXR", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "OpenEXR", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Will not fix", "package_name": "gimp:flatpak/OpenEXR", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "OpenEXR", "product_name": "Red Hat Enterprise Linux 8"}], "public_date": "2024-02-01T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2023-5841\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-5841\nhttps://takeonme.org/cves/CVE-2023-5841.html#"], "statement": "The heap-based buffer overflow vulnerability identified in the Academy Software Foundation's OpenEXR image parsing library represents an important security concern due to its potential for severe consequences and wide-reaching impact. By exploiting this vulnerability, attackers can execute arbitrary code or perform unauthorized read/write operations on affected systems. This ability to manipulate system memory poses a significant risk to data integrity, confidentiality, and system stability. Moreover, the vulnerability's presence in a widely-used image parsing library amplifies its severity. The ability to execute such attacks without user interaction, known as a 0-click attack surface, further amplifies the risk.", "threat_severity": "Important"}