Unrated severityNVD Advisory· Published Aug 22, 2023· Updated Oct 4, 2024
CVE-2021-29390
CVE-2021-29390
Description
libjpeg-turbo version 2.0.90 has a heap-based buffer over-read (2 bytes) in decompress_smooth_data in jdcoefct.c.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
7(expand)+ 1 more
- (no CPE)
- (no CPE)range: =2.0.90
- osv-coords5 versionspkg:rpm/almalinux/libjpeg-turbopkg:rpm/almalinux/libjpeg-turbo-develpkg:rpm/almalinux/libjpeg-turbo-utilspkg:rpm/almalinux/turbojpegpkg:rpm/almalinux/turbojpeg-devel
< 2.0.90-7.el9+ 4 more
- (no CPE)range: < 2.0.90-7.el9
- (no CPE)range: < 2.0.90-7.el9
- (no CPE)range: < 2.0.90-7.el9
- (no CPE)range: < 2.0.90-7.el9
- (no CPE)range: < 2.0.90-7.el9
Patches
Vulnerability mechanics
References
6- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/27NR3KG553CG6LGPMP6SHWEVHTYPL6RC/mitrevendor-advisory
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T655QF7CQ3DYAMPFV7IECQYGDEUIVVT/mitrevendor-advisory
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KUQ7CTX3W372X3UY56VVNAHCH6H2F4X3/mitrevendor-advisory
- bugzilla.redhat.com/show_bug.cgimitre
- github.com/libjpeg-turbo/libjpeg-turbo/blob/4e52b66f342a803d3b8099b79607e3158d3a241c/jdcoefct.cmitre
- github.com/libjpeg-turbo/libjpeg-turbo/commits/main/jdcoefct.cmitre
News mentions
0No linked articles in our index yet.