CVE-2026-22861
Unknown Unknown - Not Provided
Heap-Based Buffer Overflow in iccDEV ICC Profile Processing

Publication date: 2026-01-13

Last updated on: 2026-01-13

Assigner: GitHub, Inc.

Description
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium (ICC) color management profiles. Prior to 2.3.1.2, There is a heap-based buffer overflow in SIccCalcOp::Describe() at IccProfLib/IccMpeCalc.cpp. This vulnerability affects users of the iccDEV library who process ICC color profiles. The vulnerability is fixed in 2.3.1.2.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-01-13
Last Modified
2026-01-13
Generated
2026-06-16
AI Q&A
2026-01-14
EPSS Evaluated
2026-06-15
NVD
CVE-2026-22861
EUVD
EUVD-2026-2412
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
international_color_consortium iccdev 2.3.1.2
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-120 The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer.
CWE-130 The product parses a formatted message or structure, but it does not handle or incorrectly handles a length field that is inconsistent with the actual length of the associated data.
CWE-252 The product does not check the return value from a method or function, which can prevent it from detecting unexpected states and conditions.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2026-22861 is a heap-based buffer overflow vulnerability in the iccDEV library, specifically in the function SIccCalcOp::Describe() within the IccProfLib/IccMpeCalc.cpp file. The vulnerability occurs due to improper handling of operation counts and incorrect bounds checking when processing ICC color profile calculation operations, leading to out-of-bounds memory reads beyond the allocated heap buffer. This can cause memory corruption or crashes when processing crafted ICC profiles, especially during conversion to XML format. The issue was fixed by correcting the calculation of sub-operation counts and ensuring safe memory access in version 2.3.1.2. [1, 2, 3, 4]

Impact Analysis

This vulnerability can lead to memory corruption, application crashes, or potentially allow an attacker to execute arbitrary code when processing maliciously crafted ICC color profiles. Since the vulnerability can be exploited remotely without privileges but requires user interaction, it poses a high risk to confidentiality, integrity, and availability of systems using the iccDEV library for ICC profile processing. Exploitation could result in data breaches, data manipulation, or denial of service. [2, 3]

Detection Guidance

This vulnerability can be detected by using the iccToXml tool from the iccDEV project, which converts ICC profile data to XML format. The heap-buffer-overflow was identified through AddressSanitizer during the execution of iccToXml. Running iccToXml on ICC profiles and monitoring with AddressSanitizer or similar memory error detection tools can help detect the vulnerability. Example command: `ASAN_OPTIONS=detect_stack_use_after_return=1 ./iccToXml <icc_profile.icc>` on a Linux system with AddressSanitizer enabled. This will help identify out-of-bounds reads or heap-buffer-overflows during ICC profile processing. [2]

Mitigation Strategies

The immediate mitigation step is to upgrade the iccDEV library to version 2.3.1.2 or later, where the vulnerability in SIccCalcOp::Describe() has been fixed. The fix corrects the handling of operation counts to prevent out-of-bounds heap memory access. Until the upgrade is applied, avoid processing untrusted or malformed ICC profiles with vulnerable versions of iccDEV, especially using the iccToXml tool. No other workarounds are provided. [3, 4, 1]

Compliance Impact

The provided resources do not contain information regarding the impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-22861. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart