CVE-2020-36281

7.5 HIGH

📋 TL;DR

CVE-2020-36281 is a heap-based buffer over-read in Leptonica's pixFewColorsOctcubeQuantMixed() (colorquant1.c), part of the library's color quantization code. A crafted image makes the function read past the end of a heap buffer, which crashes the process or lets adjacent heap contents influence the quantized output. The bug reads but does not write, so on its own it is not a code-execution primitive. Any application that processes untrusted images with Leptonica before 1.80.0 and reaches this function is affected.

💻 Affected Systems

Products:
  • Leptonica
Versions: All versions before 1.80.0
Operating Systems: All platforms where Leptonica is used
Default Config Vulnerable: ⚠️ Yes
Notes: Any application that uses Leptonica's pixFewColorsOctcubeQuantMixed function with untrusted image input is vulnerable.

📦 What is this software?

Leptonica is an open-source C library for image processing and image analysis (format I/O, scaling, color quantization, morphology and similar operations). It is best known as a dependency of the Tesseract OCR engine, so many OCR pipelines and document-processing services link it without naming it directly.

⚠️ Risk & Real-World Impact

🔴

Worst Case

Disclosure of adjacent heap contents (whatever sits past the buffer can end up in the quantized output) and denial of service through repeated crashes. The flaw is a read, not a write, so remote code execution is not indicated without a second, independent bug.

🟠

Likely Case

Crash of the image-processing worker, or denial of service of the whole application, when a crafted image is processed, with at most limited leakage of heap data.

🟢

If Mitigated

A crash confined to an isolated, unprivileged decoding process, with no leaked heap data returned to the client, when decoding is sandboxed and inputs are pre-validated.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: LOW

🎯 Exploit Status

Public PoC: ⚠️ Yes (a crafted file that reproduces the crash)
Weaponized: NOT KNOWN
Unauthenticated Exploit: ⚠️ Yes, wherever the application accepts images from unauthenticated clients
Complexity: LOW

Exploitation amounts to getting a vulnerable application to process the crafted image; no interaction beyond the upload is needed. The OSS-Fuzz project discovered and reported this issue.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 1.80.0

Fix Commit: https://github.com/DanBloomberg/leptonica/commit/5ee24b398bb67666f6d173763eaaedd9c36fb1e5

Restart Required: Yes

Instructions:

1. Update Leptonica to 1.80.0 or later, or cherry-pick the commit above into a vendored copy.
2. Rebuild and redeploy every application that links Leptonica statically or bundles its sources; dynamically linked consumers only need the shared library replaced.
3. Restart affected services so running processes load the new library.

🔧 Temporary Workarounds

Input Validation (all platforms)

Validate image files before handing them to Leptonica: check the magic bytes against the formats you actually accept, reject files whose declared dimensions, depth or size exceed what the application needs, and decode in a separate unprivileged process. Header checks alone will not stop a crafted file that is well-formed up to the point where the quantizer reads past its buffer, so treat validation as attack-surface reduction, not a fix.

Memory Protection (Linux)

Enable ASLR and the other memory protections your platform offers. ASLR does not prevent the over-read itself; it only makes any leaked pointers less useful to an attacker.

sysctl -w kernel.randomize_va_space=2

This setting does not survive a reboot; persist it by adding kernel.randomize_va_space = 2 to a file under /etc/sysctl.d/.

🧯 If You Can't Patch

  • Run the image-processing component in an isolated, unprivileged process or container (minimal filesystem, no credentials, memory and CPU limits) so that a crash or leak stays contained
  • Reduce image intake at the edge: accept uploads only from authenticated users, enforce size and content-type limits, and rate-limit per client. A WAF cannot tell a crafted image from a benign one, so treat this as attack-surface reduction rather than blocking

🔍 How to Verify

Check if Vulnerable:

Query the installed library through pkg-config (the module is named lept, not leptonica), or run ldd on a consuming binary such as tesseract and look for liblept in its output. Inside a program, getLeptonicaVersion() returns a string such as "leptonica-1.80.0", and allheaders.h defines LIBLEPT_MAJOR_VERSION, LIBLEPT_MINOR_VERSION and LIBLEPT_PATCH_VERSION for compile-time checks. Statically linked and vendored copies do not show up in pkg-config, so inspect the build tree of any application that bundles Leptonica.

Check Version:

pkg-config --modversion lept

Verify Fix Applied:

Confirm the version is 1.80.0 or later (or, for a vendored copy, that commit 5ee24b398bb67666f6d173763eaaedd9c36fb1e5 is present), then re-run the crafted file that triggered the crash. Under AddressSanitizer an unpatched build reports a heap-buffer-overflow READ in pixFewColorsOctcubeQuantMixed; a fixed build processes the file without error.
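As an added example (not from the advisory or from the Leptonica project), the following POSIX shell script does the version comparison numerically, so that 1.9.0 is not mistaken for a release newer than 1.80.0, and reports whether the pkg-config-registered library is at or past the fixed release. It assumes the pkg-config module name lept; the "leptonica-X.Y.Z" string format is the one getLeptonicaVersion() returns, and everything else here is illustrative.

```shell
#!/bin/sh
# Added example, not part of the advisory or of the Leptonica project:
# decide whether an installed Leptonica is at or past the fixed release.
# Assumes the pkg-config module is named "lept" (Leptonica's lept.pc);
# adjust if your distribution renames it.

FIXED_VERSION="1.80.0"

# field VERSION N -> N-th dotted component as an integer, 0 if absent.
field() {
    printf '%s\n' "$1" | awk -F. -v n="$2" '{ print $n + 0 }'
}

# version_ge A B -> exit 0 if dotted version A >= B.
# Compares component by component as integers, so 1.9.0 < 1.80.0
# (a plain string comparison would sort "1.9.0" above "1.80.0").
# Accepts the "leptonica-1.80.0" form returned by getLeptonicaVersion()
# and ignores any suffix after the third component (e.g. "-rc1", "-1").
version_ge() {
    a=$(printf '%s\n' "$1" | sed -e 's/^leptonica-//' -e 's/[^0-9.].*$//')
    b=$2
    n=1
    while [ "$n" -le 3 ]; do
        x=$(field "$a" "$n")
        y=$(field "$b" "$n")
        if [ "$x" -gt "$y" ]; then return 0; fi
        if [ "$x" -lt "$y" ]; then return 1; fi
        n=$((n + 1))
    done
    return 0
}

# status_for VERSION -> "fixed" or "vulnerable" for a given version string.
status_for() {
    if version_ge "$1" "$FIXED_VERSION"; then
        echo fixed
    else
        echo vulnerable
    fi
}

# report_installed -> print the verdict for the library pkg-config knows
# about. Never fails, so it is safe under "set -e"; a missing pkg-config
# or lept.pc means the check is inconclusive, not that you are safe.
report_installed() {
    v=$(pkg-config --modversion lept 2>/dev/null || true)
    if [ -z "$v" ]; then
        echo "leptonica: not registered with pkg-config (check vendored/static copies)"
        return 0
    fi
    echo "leptonica $v: $(status_for "$v") (fixed in $FIXED_VERSION)"
}

report_installed
```

Run it as a pre-flight check on a build host or in CI. Two caveats: a distribution may backport the fix without bumping the upstream version string, so consult your distro's security tracker before trusting a "vulnerable" verdict on a packaged library, and pkg-config knows nothing about statically linked or vendored copies.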

📡 Detection & Monitoring

Log Indicators:

  • Kernel segfault messages (dmesg, journalctl -k) whose faulting module is liblept.so, typically with error code 4 or 5 (user-mode read fault)
  • Core dumps or "memory access violation" errors from OCR and image-conversion workers
  • In AddressSanitizer-instrumented builds: heap-buffer-overflow READ reports in pixFewColorsOctcubeQuantMixed

Network Indicators:

  • Bursts of image uploads from a single client, especially small or oddly structured files
  • Clusters of failed image-processing requests (5xx responses, worker restarts) that correlate with specific uploads

SIEM Query:

source="application.logs" AND ("segmentation fault" OR "segfault at" OR "heap-buffer-overflow" OR "access violation")

Crash strings are a coarse signal; correlate hits with the process name (tesseract, convert, custom OCR workers) and with the upload that preceded them. A crash that reproduces on one specific file is the strongest indicator.
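The following is an added example, not part of the advisory: a shell function that reads kernel segfault messages (as emitted to dmesg or journalctl -k), keeps only those whose faulting module is the Leptonica shared object, and decodes the page-fault error code so that read faults, the signature of an over-read, stand out from write faults. The log lines are constructed for the example; the soname pattern lib(lept|leptonica).so and the process names are assumptions.

```shell
#!/bin/sh
# Added example, not part of the advisory or of Leptonica: triage Linux
# kernel segfault messages and keep only crashes whose faulting instruction
# lies in the Leptonica shared object. The kernel logs a user-space crash as
#   NAME[PID]: segfault at ADDR ip IP sp SP error CODE in MODULE[BASE+SIZE]
# where CODE is the x86 page-fault error code: bit 0 = protection violation
# (0 = page not present), bit 1 = write (0 = read), bit 2 = user mode.
# An over-read such as CVE-2020-36281 shows up as a read fault (code 4 or 5).
# Assumes the library's soname starts with liblept.so or libleptonica.so.

# Constructed sample log lines (not real captures):
SAMPLE_LOG=$(cat <<'EOF'
Mar 10 12:00:01 ocr01 kernel: [ 1234.567890] tesseract[4321]: segfault at 7f3a12c00000 ip 00007f3a0f6b1234 sp 00007ffc1a2b3c40 error 4 in liblept.so.5.0.4[7f3a0f600000+1b0000]
Mar 10 12:00:05 ocr01 kernel: [ 1238.000000] nginx[777]: segfault at 0 ip 000055d1c0a01234 sp 00007ffd00000000 error 6 in nginx[55d1c0a00000+100000]
Mar 10 12:00:09 ocr01 kernel: [ 1242.000000] convert[888]: segfault at 7f0000001000 ip 00007f00000a1234 sp 00007ffe00000000 error 4 in liblept.so.5[7f0000000000+1b0000]
Mar 10 12:00:12 ocr01 sshd[999]: Accepted publickey for ops from 10.0.0.5 port 50000 ssh2
EOF
)

# lept_segfaults LOGTEXT -> one line per Leptonica crash:
#   "<process> <pid> <read|write> <module>"
lept_segfaults() {
    printf '%s\n' "$1" | awk '
        /segfault at/ {
            proc = ""; err = ""; mod = ""
            for (i = 1; i <= NF; i++) {
                if ($i == "segfault") proc = $(i - 1)
                if ($i == "error")    err  = $(i + 1)
                if ($i == "in")       mod  = $(i + 1)
            }
            sub(/\[.*$/, "", mod)                  # strip [base+size]
            if (mod !~ /^lib(lept|leptonica)\.so/) next
            pid = proc; sub(/^.*\[/, "", pid); sub(/\].*$/, "", pid)
            sub(/\[.*$/, "", proc)                 # strip [pid]:
            access = (int(err / 2) % 2 == 1) ? "write" : "read"
            print proc, pid, access, mod
        }'
}

# count_lept_segfaults LOGTEXT -> number of Leptonica crash lines found
count_lept_segfaults() {
    lept_segfaults "$1" | wc -l | tr -d ' '
}

lept_segfaults "$SAMPLE_LOG"
# On a live host: lept_segfaults "$(journalctl -k --no-pager)"
```

The nginx write fault in the sample is deliberately excluded: it is a real crash, but not in Leptonica, and a write fault is the wrong shape for this bug. Feed the function your own kernel log and alert when the count rises above the baseline for the host, then pull the upload that immediately preceded each hit.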

🔗 References

  • Fix commit: https://github.com/DanBloomberg/leptonica/commit/5ee24b398bb67666f6d173763eaaedd9c36fb1e5
  • NVD entry: https://nvd.nist.gov/vuln/detail/CVE-2020-36281