Miggo Logo
Miggo Vulnerability Database
CVE-2021-20205

CVE-2021-20205:
Libjpeg-turbo versions 2.0.91 and 2.0.90 is vulnerable to a denial of service vulnerability...

6.5

CVSS Score
3.1

Basic Information

CVE ID
CVE-2021-20205
GHSA ID
GHSA-jxcf-352f-vj82
EPSS Score
0.62218%
CWE
CWE-369
Published
5/24/2022
Updated
1/29/2023
KEV Status
No
Technology
-

Technical Details

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The vulnerability is a divide-by-zero error when processing a GIF with zero width or height. The provided commit 1719d12e51641cce5c77e259516649ba5ef6303c patches the start_input_gif function in rdgif.c. The patch explicitly adds checks for width == 0 || height == 0 after reading these values from the GIF header. If either is zero, the function now exits with an error JERR_GIF_EMPTY. This directly indicates that the start_input_gif function was the entry point for the vulnerable condition, as it was responsible for reading these dimensions and, without the patch, would allow processing to continue with these invalid values, leading to a subsequent divide-by-zero. The Bugzilla report also confirms that the issue was in cjpeg when processing a crafted GIF, and rdgif.c contains GIF reading functionalities used by cjpeg.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

Li*jp**-tur*o v*rsions *.*.** *n* *.*.** is vuln*r**l* to * **ni*l o* s*rvi** vuln*r**ility **us** *y * *ivi** *y z*ro w**n pro**ssin* * *r**t** *I* im***.

Reasoning

T** vuln*r**ility is * *ivi**-*y-z*ro *rror w**n pro**ssin* * *I* wit* z*ro wi*t* or **i**t. T** provi*** *ommit `****************************************` p*t***s t** `st*rt_input_*i*` *un*tion in `r**i*.*`. T** p*t** *xpli*itly ***s ****ks *or `wi*