CVE-2023-29659 – Ubuntu Security Notice USN-6847-1

https://notcve.org/view.php?id=CVE-2023-29659

05 May 2023 — A Segmentation fault caused by a floating point exception exists in libheif 1.15.1 using crafted heif images via the heif::Fraction::round() function in box.cc, which causes a denial of service. It was discovered that libheif incorrectly handled certain image data. An attacker could possibly use this issue to crash the program, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS. Reza Mirzazade Farkhani discovered that libheif incorrectly handled certain image data. • https://github.com/strukturag/libheif/issues/794 • CWE-369: Divide By Zero •