CVE-2026-24411

iccDEV has Undefined Behavior and Null Pointer Deference in CIccTagXmlSegmentedCurve::ToXml()

CVSS 7.1 HIGHEPSS 0.3%CWE-20 CWE-476 CWE-690 CWE-758

In short

iccDEV, a library for handling color profiles, has a flaw in how it processes certain profile data. An attacker can send a malformed color profile to crash the application or potentially execute code.

Technical detail

CIccTagXmlSegmentedCurve::ToXml() exhibits undefined behavior and null pointer dereference when processing user-controlled ICC profile input. Successful exploitation requires crafting a malicious ICC profile and depends on the target application parsing it; impacts include DoS, data manipulation, logic bypass, and code execution.

Summary generated and translated by AI from the official description.

iccDEV provides libraries and tools for interacting with, manipulating, and applying ICC color management profiles. Versions 2.3.1.1 and below have Undefined Behavior in CIccTagXmlSegmentedCurve::ToXml(). This occurs when user-controllable input is unsafely incorporated into ICC profile data or other structured binary blobs. Successful exploitation may allow an attacker to perform DoS, manipulate data, bypass application logic and Code Execution. This issue has been fixed in version 2.3.1.2.

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H

Affected products

InternationalColorConsortium · iccDEV

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/InternationalColorConsortium/iccDEV/commit/d6d6f51a999d4266ec09347cac7e0930d6e02eec https://github.com/InternationalColorConsortium/iccDEV/issues/499 https://github.com/InternationalColorConsortium/iccDEV/security/advisories/GHSA-x53f-7h27-9fc8