Wind River Support Network

HomeDefectsLIN1022-2014
Acknowledged

LIN1022-2014 : Security Advisory - poppler - CVE-2022-24106

Created: Oct 11, 2022    Updated: Jan 15, 2023
Found In Version: 10.22.33.1
Severity: Standard
Applicable for: Wind River Linux LTS 22
Component/s: Userspace

Description

In Xpdf prior to 4.04, the DCT (JPEG) decoder was incorrectly allowing the 'interleaved' flag to be changed after the first scan of the image, leading to an unknown integer-related vulnerability in Stream.cc.

CREATE(Triage):(User=admin) CVE-2022-24106 (https://nvd.nist.gov/vuln/detail/CVE-2022-24106)
Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube