CVE-2025-11266
Out-of-Bounds Write in GDCM DICOM Parser Causes DoS
Publication date: 2025-12-12
Last updated on: 2025-12-12
Assigner: ICS-CERT
Description
CVSS Scores
EPSS Scores
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| grassroots_dicom | gdcm | * |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-787 | The product writes data past the end, or before the beginning, of the intended buffer. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an out-of-bounds write (CWE-787) in the Grassroots DICOM library (GDCM), triggered while parsing a malformed DICOM file whose encapsulated PixelData is split into fragments. The parser computes a buffer index with unsigned arithmetic; on a crafted fragment stream that subtraction underflows (wraps to a very large value), so the index passes as valid and the subsequent memory access lands outside the intended buffer, producing a segmentation fault. No special privileges or interaction beyond opening the crafted file are required.
How can this vulnerability impact me?
The documented impact is denial of service: the process that opens the malicious DICOM file crashes with a segmentation fault caused by the out-of-bounds memory access. Any service that parses DICOM input with GDCM (PACS gateways, viewers, conversion pipelines, research tooling) can therefore be taken down by a single crafted file. The published description covers only the crash; it does not claim code execution.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
The trigger is a crafted DICOM file with a malformed encapsulated PixelData fragment stream, so detection means catching such files before a GDCM-based application parses them: check that every fragment item carries the expected Item tag, that each declared fragment length fits within the bytes actually remaining in the file, and that the stream ends with a proper Sequence Delimitation Item. The available resources provide no specific detection commands, file signatures, or network detection methods for this CVE.
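The two answers above describe the bug class (an unsigned subtraction that wraps while indexing a fragment buffer) and the pre-parse check a practitioner would want. The following C program is an added example written for this page, not GDCM's code and not a reproduction of the actual vulnerable code path: it shows the unsafe arithmetic pattern beside a hardened walker over the encapsulated PixelData item stream. The item layout (Item tag FFFE,E000 with a 4-byte little-endian length, first item the Basic Offset Table, terminated by Sequence Delimitation Item FFFE,E0DD) is the DICOM PS3.5 A.4 encoding; the function names `remaining_unchecked` and `walk_fragments`, the status codes, and the three sample byte streams are constructed for illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Encapsulated PixelData item stream (DICOM PS3.5 A.4): each item is a
 * 4-byte tag followed by a 4-byte little-endian length, then its payload.
 * Item 0 is the Basic Offset Table; the stream ends with a delimiter. */
#define ITEM_TAG      0xFFFEE000u
#define SEQ_DELIM_TAG 0xFFFEE0DDu
#define HDR_LEN       8u          /* tag (4) + length (4) */

enum frag_status {
    FRAG_OK = 0,
    FRAG_TRUNCATED_HEADER,   /* fewer than 8 bytes left where a header must be */
    FRAG_BAD_TAG,            /* neither Item nor Sequence Delimitation Item */
    FRAG_LENGTH_OVERRUN,     /* declared length exceeds what is left in the buffer */
    FRAG_BAD_DELIM_LENGTH,   /* delimiter must carry length 0 */
    FRAG_MISSING_DELIM       /* data ran out before the delimiter */
};

static uint32_t rd32le(const uint8_t *p) {
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Tag = group (2 bytes LE) then element (2 bytes LE), packed as 0xGGGGEEEE. */
static uint32_t rd_tag(const uint8_t *p) {
    uint32_t group = (uint32_t)p[0] | ((uint32_t)p[1] << 8);
    uint32_t elem  = (uint32_t)p[2] | ((uint32_t)p[3] << 8);
    return (group << 16) | elem;
}

/* The unsafe pattern (illustrative, not GDCM's code): "bytes left after this
 * header" computed by unsigned subtraction with no prior comparison. When the
 * header itself runs past the end of the buffer, pos + HDR_LEN > len and the
 * result wraps to a value near SIZE_MAX, so any fragment length looks
 * affordable and a following copy/index goes out of bounds. */
static size_t remaining_unchecked(size_t pos, size_t len) {
    return len - (pos + HDR_LEN);
}

/* Hardened walker: every subtraction is preceded by the comparison that makes
 * it safe. Counts fragments after the Basic Offset Table and stops at the
 * delimiter; any structural problem is reported instead of indexed past. */
enum frag_status walk_fragments(const uint8_t *buf, size_t len, size_t *nfrag) {
    size_t pos = 0, items = 0;
    *nfrag = 0;
    while (pos < len) {
        if (len - pos < HDR_LEN) return FRAG_TRUNCATED_HEADER;   /* pos < len: no wrap */
        uint32_t tag = rd_tag(buf + pos);
        uint32_t vl  = rd32le(buf + pos + 4);
        pos += HDR_LEN;                                          /* now pos <= len */
        if (tag == SEQ_DELIM_TAG)
            return vl == 0 ? FRAG_OK : FRAG_BAD_DELIM_LENGTH;
        if (tag != ITEM_TAG) return FRAG_BAD_TAG;
        if (vl > len - pos) return FRAG_LENGTH_OVERRUN;          /* compare before indexing */
        pos += vl;
        if (items++ > 0) (*nfrag)++;                             /* item 0 is the offset table */
    }
    return FRAG_MISSING_DELIM;
}

/* Convenience wrappers so a caller can ask for one value at a time. */
static enum frag_status status_of(const uint8_t *buf, size_t len) {
    size_t n; return walk_fragments(buf, len, &n);
}
static size_t fragment_count(const uint8_t *buf, size_t len) {
    size_t n; walk_fragments(buf, len, &n); return n;
}

/* Constructed sample streams (not taken from any real file). */
static const uint8_t sample_ok[] = {
    0xFE,0xFF,0x00,0xE0, 0x00,0x00,0x00,0x00,                   /* Item: empty Basic Offset Table */
    0xFE,0xFF,0x00,0xE0, 0x04,0x00,0x00,0x00, 'A','B','C','D',  /* Item: one 4-byte fragment */
    0xFE,0xFF,0xDD,0xE0, 0x00,0x00,0x00,0x00,                   /* Sequence Delimitation Item */
};
static const uint8_t sample_truncated[] = {
    0xFE,0xFF,0x00,0xE0, 0x00,0x00,0x00,0x00,
    0xFE,0xFF,0x00,0xE0, 0x04,0x00,                             /* second header cut off at 6 bytes */
};
static const uint8_t sample_overrun[] = {
    0xFE,0xFF,0x00,0xE0, 0x00,0x00,0x00,0x00,
    0xFE,0xFF,0x00,0xE0, 0xFF,0xFF,0xFF,0x7F, 'A','B','C','D',  /* claims ~2 GiB, has 4 bytes */
};

int main(void) {
    size_t n = 0;
    enum frag_status s = walk_fragments(sample_ok, sizeof sample_ok, &n);
    printf("well-formed : status=%d fragments=%zu\n", (int)s, n);
    printf("truncated   : status=%d\n", (int)status_of(sample_truncated, sizeof sample_truncated));
    printf("overrun     : status=%d\n", (int)status_of(sample_overrun, sizeof sample_overrun));
    /* The wrapped value the unsafe pattern would trust at the truncated header: */
    printf("unchecked remaining at truncated header: %zu\n",
           remaining_unchecked(8, sizeof sample_truncated));
    return 0;
}
```

The point of the comparison-first ordering in `walk_fragments` is that `len - pos` is only ever evaluated when `pos <= len` is already established, so it cannot wrap; `remaining_unchecked` shows what the same subtraction yields without that guard. To use the walker as a pre-parse filter, feed it the bytes following the PixelData element's undefined-length header and reject the file on anything other than `FRAG_OK`.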
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation is to update the Grassroots DICOM library (GDCM) to a release that addresses this issue; GDCM v3.2.2 is available and is reported as likely containing the fix, though the affected-version range on this page is unbounded (*), so confirm the fixed version against the vendor advisory before relying on it. [2] Until the update is deployed, do not open DICOM files from untrusted sources with GDCM-based tools, and where a DICOM ingest service must stay online, parse incoming files in an isolated, restartable worker so that a crash does not take down the whole service.