Wind River Support Network

HomeDefectsLIN1021-4510
Not to be fixed

LIN1021-4510 : Security Advisory - poppler - CVE-2022-24106

Created: Oct 11, 2022    Updated: Dec 8, 2023
Resolved Date: Dec 8, 2023
Found In Version: 10.21.20.1
Severity: Standard
Applicable for: Wind River Linux LTS 21
Component/s: Userspace

Description

In Xpdf prior to 4.04, the DCT (JPEG) decoder was incorrectly allowing the 'interleaved' flag to be changed after the first scan of the image, leading to an unknown integer-related vulnerability in Stream.cc.

CREATE(Triage):(User=admin) CVE-2022-24106 (https://nvd.nist.gov/vuln/detail/CVE-2022-24106)
Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube