Libheif
CVE-2019-11471
HIGH
Severity by source
AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionNVD
libheif 1.4.0 has a use-after-free in heif::HeifContext::Image::set_alpha_channel in heif_context.h because heif_context.cc mishandles references to non-existing alpha images.
AnalysisAI
libheif 1.4.0 has a use-after-free in heif::HeifContext::Image::set_alpha_channel in heif_context.h because heif_context.cc mishandles references to non-existing alpha images. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
Technical ContextAI
This vulnerability is classified as Use After Free (CWE-416), which allows attackers to access freed memory to execute arbitrary code or crash the application. libheif 1.4.0 has a use-after-free in heif::HeifContext::Image::set_alpha_channel in heif_context.h because heif_context.cc mishandles references to non-existing alpha images. Affected products include: Struktur Libheif.
RemediationAI
A vendor patch is available. Apply the latest security update as soon as possible. Use smart pointers or garbage-collected languages. Set pointers to NULL after freeing. Enable memory sanitizers.
libheif v1.17.5 was discovered to contain a segmentation violation via the function UncompressedImageCodec::get_luma_bit
libheif v1.17.5 was discovered to contain a segmentation violation via the function find_exif_tag at /libheif/exif.cc. R
libheif v1.17.5 was discovered to contain a segmentation violation via the component /libheif/exif.cc. Rated high severi
libheif v1.17.5 was discovered to contain a segmentation violation via the function UncompressedImageCodec::decode_uncom
In Libheif 1.17.6, insufficient checks in ImageOverlay::parse() decoding a heif file containing an overlay image with fo
libheif <= 1.17.6 contains a memory leak in the function JpegEncoder::Encode. Rated high severity (CVSS 7.5), this vulne
A Segmentation fault caused by a floating point exception exists in libheif 1.15.1 using crafted heif images via the hei
Buffer Overflow vulnerability in libheif 1.19.7 allows a local attacker to execute arbitrary code via the SAO (Sample Ad
Heap buffer overflow write in libheif (versions ≤ 1.21.2) lets a crafted HEIF/AVIF file write 64 bytes of attacker-contr
There is a vulnerability in the strided image data parsing code in the emscripten wrapper for libheif. Rated high severi
Heap buffer overflow in libheif versions 1.21.2 and below allows remote attackers to corrupt memory via a maliciously cr
Heap buffer over-read in libheif versions 1.21.2 and prior allows remote attackers to crash applications or potentially
Same weakness CWE-416 – Use After Free
View allSame technique Use After Free
View allShare
External POC / Exploit Code
Leaving vuln.today