Cloud Vulnerability DB
A community-led vulnerabilities database
Vulnerability DatabaseCVE-2021-45935
CVE-2021-45935:
Homebrew vulnerability analysis and mitigation
Overview
Grok 9.5.0 contains a heap-based buffer overflow vulnerability in the openhtj2k::T1OpenHTJ2K::decompress function, which is called from std::__1::_packagedtask_func. This vulnerability was discovered and reported through the OSS-Fuzz program (OSS-Fuzz).
Technical details
The vulnerability is a heap-based buffer overflow that occurs during the WRITE operation of 4 bytes in the openhtj2k::T1OpenHTJ2K::decompress function. The issue is triggered when processing HTJ2K (High-Throughput JPEG 2000) image data, which is part of the ITU-T Rec.814 | ISO 15444-15 standard implementation (OpenHTJ2K).
Impact
A heap-based buffer overflow can lead to memory corruption, potentially resulting in program crashes or arbitrary code execution. This type of vulnerability could allow attackers to compromise system security through specially crafted HTJ2K image files.
Mitigation and workarounds
Users should upgrade to a version of Grok newer than 9.5.0 that contains the fix for this vulnerability. If upgrading is not immediately possible, users should exercise caution when processing untrusted HTJ2K image files.
Additional resources
Source: This report was generated using AI
Related Homebrew vulnerabilities:
Free Vulnerability Assessment
Benchmark your Cloud Security Posture
Evaluate your cloud security practices across 9 security domains to benchmark your risk level and identify gaps in your defenses.
Additional Wiz resources
Get a personalized demo
Ready to see Wiz in action?
"Best User Experience I have ever seen, provides full visibility to cloud workloads."
David EstlickCISO
"Wiz provides a single pane of glass to see what is going on in our cloud environments."
Adam FletcherChief Security Officer
"We know that if Wiz identifies something as critical, it actually is."
Greg PoniatowskiHead of Threat and Vulnerability Management