CVE-2026-34535
Segmentation Fault in iccDEV ICC Profile Handling Causes Crash

Publication date: 2026-03-31

Last updated on: 2026-04-20

Assigner: GitHub, Inc.

Description
iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger a segmentation fault (SEGV) in CIccTagArray::Cleanup(). The issue is observable under UBSan/ASan as misaligned member access / misaligned pointer loads followed by an invalid read leading to process crash when running iccRoundTrip on a malicious profile. This issue has been patched in version 2.3.1.6.
Meta Information
Published: 2026-03-31
Last Modified: 2026-04-20
Generated: 2026-05-07
AI Q&A: 2026-04-01
EPSS Evaluated: 2026-05-05
Affected Vendors & Products
Showing 1 associated CPE
Vendor: color
Product: iccdev
Version / Range: to 2.3.1.6 (exc)
CWE
CWE-122: A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability exists in iccDEV, a set of libraries and tools for working with ICC color management profiles. Before version 2.3.1.6, a specially crafted ICC profile can cause a segmentation fault (SEGV) in the function CIccTagArray::Cleanup(). This happens due to misaligned member access or misaligned pointer loads, which leads to an invalid memory read and ultimately causes the process to crash when running the iccRoundTrip tool on a malicious profile.


What immediate steps should I take to mitigate this vulnerability?

The vulnerability has been patched in iccDEV version 2.3.1.6. To mitigate this vulnerability, you should upgrade your iccDEV installation to version 2.3.1.6 or later.


How can this vulnerability impact me?

The vulnerability can cause a denial of service by crashing the process that handles ICC profiles, specifically when using the iccRoundTrip tool. This crash results from invalid memory access triggered by a maliciously crafted ICC profile. While it does not lead to data confidentiality or integrity loss, it can disrupt normal operations by causing unexpected process termination.


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?

The vulnerability CVE-2026-34535 causes a local denial of service by crashing the process handling ICC color profiles due to a segmentation fault. It does not impact confidentiality or integrity of data, as indicated by the CVSS metrics (Confidentiality: None, Integrity: None).

Because it does not lead to unauthorized data access or modification, this vulnerability is unlikely to directly affect compliance with data protection standards and regulations such as GDPR or HIPAA, which primarily focus on protecting personal data confidentiality and integrity.

However, the denial of service caused by this vulnerability could impact system availability, which may be a consideration under some regulatory frameworks depending on the context of use.


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability manifests as a segmentation fault (SEGV) in the iccDEV tool iccRoundTrip when processing a specially crafted ICC profile. Detection involves running iccRoundTrip on suspicious or untrusted ICC profiles and observing if the process crashes.

Using sanitizers such as Undefined Behavior Sanitizer (UBSan) and Address Sanitizer (ASan) during testing can help detect misaligned pointer accesses and invalid reads that trigger the crash.

A practical detection approach is to execute the following command on a potentially malicious ICC profile:

  • iccRoundTrip suspicious_profile.icc

If the process crashes with a segmentation fault, or a sanitizer build reports misaligned pointer loads or invalid memory reads, the installed iccDEV build is affected by the vulnerability.

For more detailed debugging, compile iccDEV with UBSan and ASan enabled, then run iccRoundTrip on the profile and review the sanitizer reports.
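
The check described above, scripted so a folder of untrusted profiles can be triaged in one pass. This is an added example, not code from this page or from the iccDEV project; ICC_TOOL, classify_profile and triage_dir are names assumed for the sketch, and the only tool invocation used is the one shown above (iccRoundTrip followed by a profile path).

```shell
#!/bin/sh
# Added example (not iccDEV code). ICC_TOOL, classify_profile and triage_dir
# are names assumed for this sketch; point ICC_TOOL at your iccRoundTrip build.
ICC_TOOL="${ICC_TOOL:-iccRoundTrip}"

# classify_profile FILE: run the tool once on FILE and print a verdict:
#   ok | tool-error | sanitizer | crash:<signal number>
classify_profile() {
    log=$(mktemp) || return 2
    rc=0
    "$ICC_TOOL" "$1" >"$log" 2>&1 || rc=$?
    if grep -Eq 'ERROR: AddressSanitizer|runtime error:' "$log"; then
        # UBSan may keep running after a report, so check output before exit code
        verdict=sanitizer
    elif [ "$rc" -gt 128 ] && [ "$rc" -le 192 ]; then
        # The shell reports death by signal N as 128+N (SIGSEGV = 11 -> 139)
        verdict="crash:$((rc - 128))"
    elif [ "$rc" -ne 0 ]; then
        # Ordinary rejection of a malformed profile (a tool returning -1 shows as 255)
        verdict=tool-error
    else
        verdict=ok
    fi
    rm -f "$log"
    printf '%s\n' "$verdict"
}

# triage_dir DIR: classify every *.icc in DIR, print "verdict<TAB>path",
# return 1 if any profile crashed the tool or produced a sanitizer report.
triage_dir() {
    bad=0
    for f in "$1"/*.icc; do
        [ -f "$f" ] || continue
        v=$(classify_profile "$f")
        printf '%s\t%s\n' "$v" "$f"
        case $v in crash:*|sanitizer) bad=1 ;; esac
    done
    return "$bad"
}

# Usage: sh triage.sh /path/to/quarantined-profiles
if [ "$#" -gt 0 ]; then triage_dir "$1"; fi
```

A crash:11 or sanitizer verdict marks both the profile and the installed build for follow-up; tool-error means the profile was rejected without a crash.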

