A flaw was found in OpenEXR's hufDecode functionality. This flaw allows an attacker who can pass a crafted file to be processed by OpenEXR, to trigger an undefined right shift error. The highest threat from this vulnerability is to system availability.
{ "vanir_signatures": [ { "digest": { "length": 2275.0, "function_hash": "142599679339278390775436878791618875818" }, "source": "https://github.com/academysoftwarefoundation/openexr/commit/51a92d67f53c08230734e74564c807043cbfe41e", "signature_type": "Function", "target": { "function": "testHuf", "file": "OpenEXR/IlmImfTest/testHuf.cpp" }, "deprecated": false, "signature_version": "v1", "id": "CVE-2021-20304-1679b5a0" }, { "digest": { "line_hashes": [ "176619312443329297395995683934337352492", "59153990626692811954531634974037640760", "280545896845426792165423578461400660911", "309647597067992837408997705700321225110", "141598768638337190685828799387095221285", "59153990626692811954531634974037640760", "280545896845426792165423578461400660911", "309647597067992837408997705700321225110" ], "threshold": 0.9 }, "source": "https://github.com/academysoftwarefoundation/openexr/commit/51a92d67f53c08230734e74564c807043cbfe41e", "signature_type": "Line", "target": { "file": "OpenEXR/IlmImf/ImfHuf.cpp" }, "deprecated": false, "signature_version": "v1", "id": "CVE-2021-20304-6ed203c3" }, { "digest": { "line_hashes": [ "228171475889809895756915103234311474723", "211348541425446003625583645029424311982", "222545151195002010839262331802745695684", "123809418444615929039672465823495993606", "306031592317467593999739769909832548872", "193598449336170322423688275719092892213", "220647300859224983045921492760598584090", "309233654629791003679774693033524609444", "176892776764325263697564536408034591675", "302870813458771027071388532728739237970", "65622425798390653163547072846514818453", "324481768719202754334798637136831019229", "74518275870084479626946575580973110792", "25547727514522005730004821624133478644", "192045751469172973298747441871730922438", "169064724491124496309629145572533820457", "70605626775562861260846711740508896634", "336912429723870090733815642676619108296", "264090073998771335898534733328542145183", "33459033936443227971884969393598686629", "157343517884968959420940233932383699525", "217484807965665175555076214503207510777", "212582678668068973043304443816156211788", "146987967791660056920482051128956316123", "28181326755556531652834973651246564785", "15530598930675586033384845841442758547", "73310869741949180931061619557243965044", "49219954833732573551669314778185431154", "16593618965901582378453485782345120607", "16734837471453617396236581449079517855", "259279471084525072680577058575438206187", "339172337089939287073863202488435572964", "162962803419591331999561202055992232360", "160339307031519541974825522946510170088", "248928860887032079536803703486856593194", "95543963126749663113532997325630096147", "262725096885756963894686980051447799753", "123254625821067332210797903513762513825", "215967715629149520871904108046953053179", "259571171774974096463004149095353926018", "17530655067539300605368381897296879015", "204726315782173892977392348255435469678", "121835337635973480034200840984423180024", "90717070669660149296567427081734191442", "306117669700701789329557307766814220802", "61504472609169805676191128426594305503", "231700399743187055041196899206247429277", "122516485055760580003010398310676758913", "292715507876607093012967690374352900416", "294790973898164824799420648800640734466", "48654327463988979693325979468071293396", "117182805332597910880001768519839624159", "210299331129128809525057974852222107539", "133499141619372449062255351366039054991", "328395463138226411156826626435888100621", "324563290341814529990338541121290263692", "94734063386315486169871614185358862762", "9234868116249880552782520179074036286", "80432001400659352278056457450787992504", "245978996548651627931413661881799156804", "140804272341884289952622574105365258196" ], "threshold": 0.9 }, "source": "https://github.com/academysoftwarefoundation/openexr/commit/51a92d67f53c08230734e74564c807043cbfe41e", "signature_type": "Line", "target": { "file": "OpenEXR/IlmImfTest/testHuf.cpp" }, "deprecated": false, "signature_version": "v1", "id": "CVE-2021-20304-942f38ae" }, { "digest": { "length": 1420.0, "function_hash": "138934839704051101487035138836379312673" }, "source": "https://github.com/academysoftwarefoundation/openexr/commit/51a92d67f53c08230734e74564c807043cbfe41e", "signature_type": "Function", "target": { "function": "hufDecode", "file": "OpenEXR/IlmImf/ImfHuf.cpp" }, "deprecated": false, "signature_version": "v1", "id": "CVE-2021-20304-f93effb1" } ] }