Integer Overflow or Wraparound in OpenCV
High severity
GitHub Reviewed
Published
Oct 12, 2021
to the GitHub Advisory Database
•
Updated Feb 1, 2023
Description
Published by the National Vulnerability Database
Aug 15, 2017
Reviewed
Oct 7, 2021
Published to the GitHub Advisory Database
Oct 12, 2021
Last updated
Feb 1, 2023
In opencv/modules/imgcodecs/src/grfmt_pxm.cpp, function PxMDecoder::readData has an integer overflow when calculate src_pitch. If the image is from remote, may lead to remote code execution or denial of service. This affects OpenCV 3.3 (corresponding to OpenCV-Python 3.3.0.9) and earlier.
References