CVE-2017-2575

Summary

A vulnerability was found while fuzzing libbpg 0.9.7. It is a NULL pointer dereference issue due to missing check of the return value of function malloc in the BPG encoder. This vulnerability appeared while converting a malicious JPEG file to BPG.

Affected Software

VendorProductVersion RangeStatus
Fabrice Bellardlibbpg0.9.7affected

Weaknesses

  • CWE-119: CWE-119

ADP Enrichment

CVE Program Container

Additional References

References