CVE-2026-34540
Heap Buffer Overflow in iccDEV ICC Profile Parsing (Pre
Publication date: 2026-03-31
Last updated on: 2026-04-20
Assigner: GitHub, Inc.
Description
CVSS Scores
| Base Score | Vector |
|---|---|
| 6.2 | AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| color | iccdev | < 2.3.1.6 (2.3.1.6 is the fixed release) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-122 | A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc(). |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in iccDEV, a set of libraries and tools for working with ICC color management profiles. Before version 2.3.1.6, a specially crafted ICC profile causes a heap-buffer-overflow in the function icMemDump() when iccDumpProfile dumps or describes malformed tag contents: the dumper trusts the size recorded in the profile's tag table and reads past the end of the heap buffer that actually holds the profile data. The bug is an out-of-bounds heap read (CWE-122), detectable by AddressSanitizer; the report places the read at IccProfLib/IccUtil.cpp line 1002 (line numbers as of the affected release), reached through CIccTagUnknown::Describe(). The issue is fixed in version 2.3.1.6.
How can this vulnerability impact me?
The defect is an out-of-bounds heap read, so its realistic consequence is a crash of the process that parses the profile, i.e. denial of service; the available information does not indicate a write primitive, and nothing on this page supports a claim of arbitrary code execution. The CVSS vector (BaseScore 6.2, AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) says the same: no confidentiality or integrity impact, high availability impact, local attack vector. In practice the attacker must get a malicious ICC profile in front of a vulnerable iccDumpProfile or an application linked against the vulnerable IccProfLib, and the result is application instability or a hard crash rather than data exposure.
What immediate steps should I take to mitigate this vulnerability?
The vulnerability is patched in iccDEV version 2.3.1.6. Update your iccDEV installation to 2.3.1.6 or later. Because the fix lives in the IccProfLib library rather than only in the iccDumpProfile tool, any of your own tools that embed or statically link IccProfLib need to be rebuilt against the fixed release as well. Until that is done, treat ICC profiles from untrusted sources as untrusted input and do not run iccDumpProfile on them outside a sandbox.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability is a heap-buffer-overflow triggered by a crafted ICC profile in iccDEV versions prior to 2.3.1.6. Detection therefore means two things: finding vulnerable builds of iccDEV (or software that bundles IccProfLib) and spotting attempts to feed malformed profiles to them.
Since the issue occurs during iccDumpProfile and is observable under AddressSanitizer as an out-of-bounds heap read, one detection method is to run an ASan-instrumented iccDumpProfile on suspect profiles in a controlled environment: a sanitizer report naming icMemDump() is the signal.
No network detection commands or signatures are provided in the available information; ICC profiles are ordinary binary files, commonly embedded in images and PDFs, so there is no protocol-level indicator to match on.
Suggested procedure to test a profile for the vulnerability:
- Build iccDEV from source with AddressSanitizer enabled (for example by adding -fsanitize=address -g to the compiler and linker flags in the CMake build). Heap-buffer-overflow detection is on by default in ASan; there is no ASAN_OPTIONS flag to switch it on, and the option detect_heap_buffer_overflow does not exist.
- Run the instrumented tool on the profile and make the run abort on the first report so that it is easy to catch in a script. Example: ASAN_OPTIONS=abort_on_error=1:symbolize=1 ./iccDumpProfile suspicious_profile.icc
- Do this on an isolated test host, not on the production system that normally processes the profiles; a sanitizer crash is the expected outcome for a malicious file.
Additionally, record the version of iccDEV installed and confirm it is 2.3.1.6 or later; a patched version removes the exposure regardless of what profiles are processed.
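The malformed-tag condition described above (a tag table entry whose declared offset and size point past the end of the profile data) can be checked for before a file ever reaches a vulnerable dumper. The following C program is an added example written for this page; it is not iccDEV code and does not reproduce icMemDump() or CIccTagUnknown::Describe(). It parses the public ICC.1 header and tag-table layout, reports every tag whose declared range overruns the buffer, and shows the bounds check that a safe tag dump must perform. The two-tag sample profile is constructed inline; in the malformed variant the second tag claims 0x1000 bytes where only 12 remain.

```c
/*
 * Structural check for ICC profile tag tables (added example, not
 * iccDEV code). ICC.1 layout used here, from the public ICC spec:
 *   bytes   0..3    profile size, big-endian uint32
 *   bytes  36..39   'acsp' file signature
 *   bytes 128..131  tag count, big-endian uint32
 *   then tag_count entries of 12 bytes: signature, offset, size
 */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define ICC_HEADER_LEN    128u
#define ICC_TAG_ENTRY_LEN 12u

static uint32_t rd32be(const uint8_t *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8) | (uint32_t)p[3];
}

static void wr32be(uint8_t *p, uint32_t v) {
    p[0] = (uint8_t)(v >> 24); p[1] = (uint8_t)(v >> 16);
    p[2] = (uint8_t)(v >> 8);  p[3] = (uint8_t)v;
}

/* 1 if [off, off+size) lies inside a buffer of len bytes. Written with
 * subtraction so that off+size cannot wrap around a 32-bit counter. */
int range_ok(uint32_t off, uint32_t size, size_t len) {
    return off <= len && size <= len - off;
}

/* Bytes a dumper that trusts the declared tag size would read past the
 * end of the buffer (the CWE-122 over-read). 0 means the tag is in bounds. */
size_t tag_overrun(uint32_t off, uint32_t size, size_t len) {
    if (range_ok(off, size, len)) return 0;
    if (off >= len) return size;          /* whole tag lies outside */
    return (size_t)off + size - len;      /* tail of the tag is outside */
}

/* Walks the tag table. Returns the number of tags whose declared range is
 * not fully inside the buffer, or -1 if the header or the table itself is
 * truncated. Each bad tag is reported on stderr. */
int icc_count_bad_tags(const uint8_t *buf, size_t len) {
    if (len < ICC_HEADER_LEN + 4 || memcmp(buf + 36, "acsp", 4) != 0)
        return -1;
    uint32_t ntags = rd32be(buf + ICC_HEADER_LEN);
    /* Every 12-byte entry must fit before any entry is dereferenced. */
    if (ntags > (len - ICC_HEADER_LEN - 4) / ICC_TAG_ENTRY_LEN)
        return -1;
    int bad = 0;
    for (uint32_t i = 0; i < ntags; i++) {
        const uint8_t *e = buf + ICC_HEADER_LEN + 4 + (size_t)i * ICC_TAG_ENTRY_LEN;
        uint32_t off = rd32be(e + 4), size = rd32be(e + 8);
        size_t over = tag_overrun(off, size, len);
        if (over) {
            fprintf(stderr, "tag '%.4s': offset %u size %u overruns buffer by %zu bytes\n",
                    (const char *)e, off, size, over);
            bad++;
        }
    }
    return bad;
}

/* Safe counterpart of a raw tag dump: refuses to touch bytes outside the
 * buffer. Returns bytes printed, or -1 when the declared range is bad. */
long icc_dump_tag(const uint8_t *buf, size_t len, uint32_t off, uint32_t size) {
    if (!range_ok(off, size, len)) return -1;
    for (uint32_t i = 0; i < size; i++)
        printf("%02x%c", buf[off + i], (i % 16 == 15 || i + 1 == size) ? '\n' : ' ');
    return (long)size;
}

/* Constructed sample: 176-byte "profile" with two tags. 'desc' is in
 * bounds; 'cprt' ends exactly at the file end when well formed, and
 * claims 0x1000 bytes (4084 past the end) when malformed. */
#define SAMPLE_LEN 176u
static void build_sample(uint8_t *p, int malformed) {
    memset(p, 0, SAMPLE_LEN);
    wr32be(p, SAMPLE_LEN);
    memcpy(p + 36, "acsp", 4);
    wr32be(p + 128, 2);                                  /* two tags   */
    memcpy(p + 132, "desc", 4); wr32be(p + 136, 156); wr32be(p + 140, 8);
    memcpy(p + 144, "cprt", 4); wr32be(p + 148, 164);
    wr32be(p + 152, malformed ? 0x1000u : 12u);
}

/* Convenience wrappers so the checks above can be exercised by name. */
int sample_bad_tags(int malformed) {
    uint8_t p[SAMPLE_LEN]; build_sample(p, malformed);
    return icc_count_bad_tags(p, SAMPLE_LEN);
}
long sample_dump_cprt(int malformed) {
    uint8_t p[SAMPLE_LEN]; build_sample(p, malformed);
    return icc_dump_tag(p, SAMPLE_LEN, 164, malformed ? 0x1000u : 12u);
}

int main(void) {
    printf("well-formed: %d bad tag(s)\n", sample_bad_tags(0));
    printf("malformed:   %d bad tag(s)\n", sample_bad_tags(1));
    printf("safe dump of oversized tag returns %ld\n", sample_dump_cprt(1));
    return 0;
}
```

The same walk can be pointed at a directory of profiles harvested from images or printers as a pre-filter: any file with a non-zero result is the kind of input worth running through an ASan-instrumented iccDumpProfile, and a -1 result means the tag table itself is truncated.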
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
The provided information does not specify any direct impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.