CVE-2026-31797
Heap Out-of-Bounds Read in iccDEV TIFF Processing Causes Memory Disclosure
Publication date: 2026-03-10
Last updated on: 2026-03-13
Assigner: GitHub, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| color | iccdev | to 2.3.1.5 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-125 | The product reads data past the end, or before the beginning, of the intended buffer. |
| CWE-787 | The product writes data past the end, or before the beginning, of the intended buffer. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
[{'type': 'paragraph', 'content': "CVE-2026-31797 is a heap buffer overflow vulnerability in the iccDEV project's TIFF image processing code, specifically in the function CTiffImg::ReadLine()."}, {'type': 'paragraph', 'content': 'The issue occurs when processing specially crafted TIFF images that contain incorrect or bogus metadata in the "StripByteCounts" field. This causes improper buffer allocation and leads to reading beyond the allocated memory buffer (heap out-of-bounds read).'}, {'type': 'paragraph', 'content': 'This vulnerability can cause memory disclosure or application crashes due to unsafe memory access during the reading of TIFF image strips.'}, {'type': 'paragraph', 'content': 'The problem was fixed by modifying the buffer allocation to always use the maximum strip size instead of relying on potentially incorrect strip byte counts, preventing the overflow.'}] [1, 2, 3]
How can this vulnerability impact me? :
This vulnerability can lead to memory disclosure, where sensitive information in memory might be exposed.
It can also cause application crashes, resulting in denial of service or instability when processing malicious TIFF images.
In some cases, the heap buffer overflow could potentially be exploited for arbitrary code execution, allowing an attacker to run malicious code.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
[{'type': 'paragraph', 'content': 'This vulnerability can be detected by processing specially crafted TIFF image files with the iccApplyProfiles tool from the iccDEV package and observing for heap-buffer-overflow errors or warnings related to bogus "StripByteCounts" fields.'}, {'type': 'paragraph', 'content': 'A practical detection method involves running iccApplyProfiles with AddressSanitizer enabled to catch memory errors during TIFF image processing.'}, {'type': 'list_item', 'content': 'Clone the iccDEV repository and checkout the relevant branch.'}, {'type': 'list_item', 'content': 'Build the iccApplyProfiles tool with sanitizers enabled (e.g., AddressSanitizer and UndefinedBehaviorSanitizer).'}, {'type': 'list_item', 'content': 'Run the command: ASAN_OPTIONS=print_scariness=1 ./iccApplyProfiles hbo-CTiffImg-ReadLine-TiffImg_cpp-Line370.tiff Rec2020rgbSpectral.icc'}, {'type': 'paragraph', 'content': 'If the vulnerability is present, the tool will emit warnings about bogus "StripByteCounts" fields and trigger heap-buffer-overflow errors during the ReadLine() call.'}] [1, 2]
What immediate steps should I take to mitigate this vulnerability?
The immediate mitigation step is to upgrade the iccDEV package to version 2.3.1.5 or later, where the vulnerability has been fixed.
The fix involves a patch that changes buffer allocation in CTiffImg::ReadLine() to use the maximum strip size instead of relying on potentially incorrect StripByteCounts, preventing heap buffer overflows.
No workarounds are provided, so updating to the patched version is the recommended action.