CVE-2026-30979
Received Received - Intake
Heap-Based Buffer Overflow in iccDEV Causes Memory Corruption

Publication date: 2026-03-10

Last updated on: 2026-03-13

Assigner: GitHub, Inc.

Description
iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to 2.3.1.5, there is a heap-based buffer overflow in CIccCalculatorFunc::InitSelectOp() triggered with local user interaction causing memory corruption/crash. This vulnerability is fixed in 2.3.1.5.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-10
Last Modified
2026-03-13
Generated
2026-06-16
AI Q&A
2026-03-10
EPSS Evaluated
2026-06-15
NVD
CVE-2026-30979
EUVD
EUVD-2026-10717
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
color iccdev to 2.3.1.5 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-787 The product writes data past the end, or before the beginning, of the intended buffer.
CWE-120 The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer.
CWE-122 A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2026-30979 is a heap-based buffer overflow vulnerability in the iccDEV project, specifically in the function CIccCalculatorFunc::InitSelectOp(). This vulnerability occurs when the function attempts to read or write beyond the allocated heap buffer boundaries during the initialization of select operations in ICC profile processing.

The issue arises due to improper bounds checking or indexing, leading to out-of-bounds memory access. It can be triggered by processing a specially crafted ICC profile file, causing memory corruption or application crashes.

The vulnerability was discovered through fuzz testing and is fixed in version 2.3.1.5 by ensuring array boundaries are not exceeded during select/case statement processing.

Impact Analysis

This vulnerability can lead to memory corruption or application crashes when processing malicious ICC profile files.

An attacker with local access and no special privileges can exploit this flaw by triggering the vulnerable function through user interaction, potentially causing denial of service or arbitrary code execution.

The impact is rated high for confidentiality, integrity, and availability, meaning it could allow unauthorized access to sensitive data, modification of data, or disruption of service.

Compliance Impact

I don't know

Detection Guidance

This vulnerability can be detected by testing the iccDEV tools, specifically the iccRoundTrip tool, with crafted malicious ICC profile files that trigger the heap buffer overflow in the function CIccCalculatorFunc::InitSelectOp().

A practical detection method involves using fuzz testing tools such as libFuzzer to generate and process ICC profiles, monitoring for crashes or memory corruption during execution.

For example, you can run the following command to test with a proof-of-concept ICC profile file that triggers the vulnerability:

  • iccRoundTrip <path_to_malicious_icc_profile>

Additionally, running the iccRoundTrip tool under AddressSanitizer or similar memory error detection tools can help identify the heap buffer overflow by reporting out-of-bounds reads or writes.

Mitigation Strategies

The immediate mitigation step is to upgrade the iccDEV package to version 2.3.1.5 or later, where the heap buffer overflow vulnerability in CIccCalculatorFunc::InitSelectOp() has been fixed.

Since the vulnerability requires local user interaction and no privileges, restricting access to the iccDEV tools and preventing untrusted users from processing ICC profile files can reduce risk.

No workarounds are provided, so patching to the fixed version is the recommended action.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-30979. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart