Unrated severityNVD Advisory· Published Jun 1, 2021· Updated Aug 4, 2024
CVE-2020-17541
CVE-2020-17541
Description
Libjpeg-turbo all version have a stack-based buffer overflow in the "transform" component. A remote attacker can send a malformed jpeg file to the service and cause arbitrary code execution or denial of service of the target service.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
26- Libjpeg-turbo/Libjpeg-turbodescription
- osv-coords24 versionspkg:rpm/almalinux/libjpeg-turbopkg:rpm/almalinux/libjpeg-turbo-develpkg:rpm/almalinux/libjpeg-turbo-utilspkg:rpm/almalinux/turbojpegpkg:rpm/almalinux/turbojpeg-develpkg:rpm/opensuse/libjpeg62-turbo&distro=openSUSE%20Leap%2015.2pkg:rpm/opensuse/libjpeg62-turbo&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/libjpeg-turbo&distro=openSUSE%20Leap%2015.2pkg:rpm/opensuse/libjpeg-turbo&distro=openSUSE%20Leap%2015.3pkg:rpm/suse/libjpeg62-turbo&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP2pkg:rpm/suse/libjpeg62-turbo&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP3pkg:rpm/suse/libjpeg62-turbo&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/libjpeg62-turbo&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/libjpeg62-turbo&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5pkg:rpm/suse/libjpeg-turbo&distro=SUSE%20Linux%20Enterprise%20Micro%205.0pkg:rpm/suse/libjpeg-turbo&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP2pkg:rpm/suse/libjpeg-turbo&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP3pkg:rpm/suse/libjpeg-turbo&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP2pkg:rpm/suse/libjpeg-turbo&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP3pkg:rpm/suse/libjpeg-turbo&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP2pkg:rpm/suse/libjpeg-turbo&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP3pkg:rpm/suse/libjpeg-turbo&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/libjpeg-turbo&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/libjpeg-turbo&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5
< 1.5.3-12.el8+ 23 more
- (no CPE)range: < 1.5.3-12.el8
- (no CPE)range: < 1.5.3-12.el8
- (no CPE)range: < 1.5.3-12.el8
- (no CPE)range: < 1.5.3-12.el8
- (no CPE)range: < 1.5.3-12.el8
- (no CPE)range: < 1.5.3-lp152.8.6.1
- (no CPE)range: < 1.5.3-5.18.1
- (no CPE)range: < 1.5.3-lp152.8.6.1
- (no CPE)range: < 1.5.3-5.18.1
- (no CPE)range: < 1.5.3-5.18.1
- (no CPE)range: < 1.5.3-5.18.1
- (no CPE)range: < 1.5.3-31.25.1
- (no CPE)range: < 1.5.3-31.25.1
- (no CPE)range: < 1.5.3-31.25.1
- (no CPE)range: < 1.5.3-5.18.1
- (no CPE)range: < 1.5.3-5.18.1
- (no CPE)range: < 1.5.3-5.18.1
- (no CPE)range: < 1.5.3-5.18.1
- (no CPE)range: < 1.5.3-5.18.1
- (no CPE)range: < 1.5.3-5.18.1
- (no CPE)range: < 1.5.3-5.18.1
- (no CPE)range: < 1.5.3-31.25.1
- (no CPE)range: < 1.5.3-31.25.1
- (no CPE)range: < 1.5.3-31.25.1
Patches
Vulnerability mechanics
References
2- cwe.mitre.org/data/definitions/121.htmlmitrex_refsource_MISC
- github.com/libjpeg-turbo/libjpeg-turbo/issues/392mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.