https://bugzilla.redhat.com/show_bug.cgi?id=2052012 Bug ID: 2052012 Summary: blender: Out-of-bounds memory access in IMB_flipy() due to large image dimensions Product: Security Response Hardware: All OS: Linux Status: NEW Component: vulnerability Keywords: Security Severity: high Priority: high Assignee: security-response-team(a)redhat.com Reporter: mcascell(a)redhat.com CC: design-devel(a)lists.fedoraproject.org, kwizart(a)gmail.com, luya_tfz(a)thefinalzone.net, negativo17(a)gmail.com, promac(a)gmail.com Blocks: 2052005 Target Milestone: --- Classification: Other An integer overflow in the processing of loaded 2D images leads to a write-what-where vulnerability and an out-of-bounds read vulnerability, allowing an attacker to leak sensitive information or achieve code execution in the context of the Blender process when a specially crafted image file is loaded. Upstream issue: https://developer.blender.org/T94629 Upstream patch: https://developer.blender.org/D13744 -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2052012