CVE-2023-22845

7.5 HIGH

📋 TL;DR

An out-of-bounds read vulnerability in OpenImageIO's TGA file parser allows attackers to read memory beyond allocated buffers via specially crafted Targa files. This can lead to information disclosure of sensitive data from the application's memory. Affects systems processing TGA files with OpenImageIO v2.4.7.1.

💻 Affected Systems

Products:
  • OpenImageIO
Versions: v2.4.7.1
Operating Systems: All platforms running OpenImageIO
Default Config Vulnerable: ⚠️ Yes
Notes: Any application using OpenImageIO to process TGA files is vulnerable. The vulnerability is in the TGAInput::decode_pixel() function.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Memory contents including sensitive data like passwords, keys, or other application data could be exfiltrated, potentially enabling further attacks.

🟠

Likely Case

Application crashes or information leakage from memory, possibly revealing internal data structures or partial memory contents.

🟢

If Mitigated

With proper input validation and memory protections, impact limited to application instability or denial of service.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: LOW

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires providing a malicious TGA file to the vulnerable application. The vulnerability is in file parsing code.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: v2.4.8.0 or later

Vendor Advisory: https://github.com/OpenImageIO/oiio/security/advisories/GHSA-5j5x-g36c-8x4v

Restart Required: Yes

Instructions:

1. Update OpenImageIO to version 2.4.8.0 or later.
2. Rebuild any applications using OpenImageIO.
3. Restart affected services.

🔧 Temporary Workarounds

  • Disable TGA file processing (Platforms: all): Configure applications to reject or not process TGA files
  • Input validation (Platforms: all): Implement file type validation before passing to OpenImageIO

🧯 If You Can't Patch

  • Implement strict file upload controls to block TGA files
  • Run OpenImageIO in sandboxed/isolated environment with limited memory access
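A content-based gate that implements the "Input validation" workaround and the "block TGA files" control above, added here as an example (not OpenImageIO's own code and not part of the vendor advisory). Because Targa has no leading magic bytes, the check inspects the 18-byte header for spec-consistent values and the optional TGA 2.0 footer; the extension list and the header heuristics are assumptions.

```python
import struct

# Image-type codes defined by the Targa specification (uncompressed and RLE variants)
TGA_IMAGE_TYPES = {0, 1, 2, 3, 9, 10, 11}
# Signature that TGA 2.0 writers append (last 18 bytes of the 26-byte footer)
TGA_FOOTER_SIG = b"TRUEVISION-XFILE.\x00"
# Extensions commonly associated with Targa files (assumed list, extend as needed)
TGA_EXTENSIONS = (".tga", ".tpic", ".targa")


def looks_like_tga(data: bytes) -> bool:
    """Heuristic Targa detection: True when the bytes plausibly form a TGA file,
    judged by the footer signature or by a spec-consistent 18-byte header."""
    if len(data) >= 26 and data[-18:] == TGA_FOOTER_SIG:
        return True
    if len(data) < 18:
        return False
    (_id_len, cmap_type, img_type, _cmap_first, cmap_len, cmap_depth,
     _x0, _y0, width, height, bpp, _desc) = struct.unpack("<BBBHHBHHHHBB", data[:18])
    if img_type not in TGA_IMAGE_TYPES or cmap_type not in (0, 1):
        return False
    if width == 0 or height == 0 or bpp not in (8, 15, 16, 24, 32):
        return False
    if img_type in (1, 9) and cmap_type != 1:
        return False  # color-mapped image types require a color map
    if cmap_type == 1 and (cmap_len == 0 or cmap_depth not in (15, 16, 24, 32)):
        return False
    if cmap_type == 0 and (cmap_len or cmap_depth):
        return False  # color-map fields must be zero when no map is present
    return True


def accept_for_oiio(filename: str, data: bytes) -> tuple[bool, str]:
    """Gate to run before handing bytes to OpenImageIO: reject anything declared
    (by extension) or detected (by content) as Targa, per the advisory workaround."""
    if filename.lower().endswith(TGA_EXTENSIONS):
        return False, "rejected: Targa file extension"
    if looks_like_tga(data):
        return False, "rejected: Targa header/footer detected despite extension"
    return True, "accepted"


# Constructed samples: a 1x1 24-bit uncompressed TGA, its TGA 2.0 form, and a PNG prefix
SAMPLE_TGA = struct.pack("<BBBHHBHHHHBB", 0, 0, 2, 0, 0, 0, 0, 0, 1, 1, 24, 0) + b"\x00\x00\xff"
SAMPLE_TGA2 = SAMPLE_TGA + b"\x00" * 8 + TGA_FOOTER_SIG
SAMPLE_PNG = b"\x89PNG\r\n\x1a\n" + b"\x00" * 24

if __name__ == "__main__":
    for name, blob in (("tex.png", SAMPLE_PNG), ("tex.png", SAMPLE_TGA), ("tex.tga", SAMPLE_PNG)):
        print(name, accept_for_oiio(name, blob))
```

Extension checks alone are not sufficient, since an application that sniffs content may still route a renamed Targa file to the TGA reader; the content check covers that case.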

🔍 How to Verify

Check if Vulnerable:

Check OpenImageIO version: oiiotool --version

Check Version:

oiiotool --version | grep -i version

Verify Fix Applied:

Verify version is 2.4.8.0 or later and test with known malicious TGA files

📡 Detection & Monitoring

Log Indicators:

  • Application crashes when processing TGA files
  • Memory access violation errors
  • Unexpected file parsing errors

Network Indicators:

  • Uploads of TGA files to vulnerable endpoints
  • Unusual file transfer patterns

SIEM Query:

source="application.log" AND ("segmentation fault" OR "access violation" OR "out of bounds") AND "tga"
