CVE-2022-37769
Description
libjpeg commit 281daa9 was discovered to contain a segmentation fault via HuffmanDecoder::Get at huffmandecoder.hpp. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted file.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A segmentation fault in libjpeg's HuffmanDecoder::Get allows denial of service via a crafted JPEG file.
Vulnerability
A segmentation fault exists in libjpeg at commit 281daa9 in the HuffmanDecoder::Get function within huffmandecoder.hpp (line 112). The crash occurs when processing a specially crafted JPEG file, specifically during the parsing of a lossless scan in LosslessScan::ParseMCU. The vulnerability is triggered without any special configuration; simply opening the malicious file with the jpeg tool leads to the fault [1].
Exploitation
An attacker can exploit this vulnerability by crafting a malicious JPEG file and convincing a user to process it with the jpeg tool (e.g., jpeg poc /dev/null). No authentication or special network access is required; the attack vector is local file processing. The crash is reproducible and results in a segmentation fault due to a null pointer dereference in HuffmanDecoder::Get [1].
Impact
Successful exploitation causes a denial of service (DoS) via application crash. The segmentation fault terminates the jpeg process, preventing further processing. There is no indication of code execution or information disclosure; the impact is limited to availability [1].
Mitigation
As of the publication date (2022-08-18), no official patch has been released for this issue. The reference [1] does not mention a fix. Users should monitor the libjpeg repository for updates and avoid processing untrusted JPEG files with the affected version. No workaround is provided in the available references.
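An added example, not from the original page or the libjpeg project: one way to keep a decoder crash like this one from taking down the calling service is to run the jpeg tool in a child process and treat termination by a signal as a rejected file. The jpeg <input> /dev/null invocation is the one quoted above; triage, accept, the timeout value and the FAKE_* stand-in decoders are assumptions constructed for illustration (POSIX only).

```python
import resource
import signal
import subprocess
import sys

# Constructed stand-ins for the decoder so the example runs without libjpeg.
_PY = [sys.executable, "-c"]
FAKE_OK = _PY + ["pass"]
FAKE_REJECT = _PY + ["import sys; sys.exit(5)"]
FAKE_SEGV = _PY + ["import os, signal; os.kill(os.getpid(), signal.SIGSEGV)"]
FAKE_HANG = _PY + ["import time; time.sleep(30)"]


def _no_core_dumps():
    # Runs in the child before exec: a crashing decoder should not fill the disk.
    resource.setrlimit(resource.RLIMIT_CORE, (0, 0))


def triage(path, decoder=("jpeg",), timeout=10.0):
    """Decode `path` to /dev/null in a child process and classify the outcome."""
    cmd = [*decoder, path, "/dev/null"]
    try:
        proc = subprocess.run(cmd, stdin=subprocess.DEVNULL,
                              stdout=subprocess.DEVNULL,
                              stderr=subprocess.DEVNULL,
                              timeout=timeout, preexec_fn=_no_core_dumps)
    except FileNotFoundError:
        return "decoder-missing"
    except subprocess.TimeoutExpired:
        return "timeout"
    rc = proc.returncode
    if rc < 0:  # POSIX: the child was terminated by signal number -rc
        try:
            return "crash:" + signal.Signals(-rc).name
        except ValueError:
            return f"crash:signal-{-rc}"
    return "ok" if rc == 0 else f"rejected:{rc}"


def accept(path, **kwargs):
    """Only files the decoder handled cleanly go further down the pipeline."""
    return triage(path, **kwargs) == "ok"


if __name__ == "__main__":
    for name in sys.argv[1:]:
        print(name, triage(name))
```

A "crash:SIGSEGV" verdict is also worth logging with the file's hash, since it marks an input that reaches a fault in the decoder.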
AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- libjpeg/libjpeg
Patches
No patches discovered yet.
References
[1] github.com/thorfdbg/libjpeg/issues/78 (mitre, x_refsource_MISC)