CVE-2023-2804 Red Hat, Inc. CVE-2023-2804: Heap Based Overflow libjpeg-turbo

Published February 12, 2026

A heap‑based buffer overflow exists in libjpeg‑turbo’s h2v2_merged_upsample_internal() function when processing 12‑bit lossless JPEG images. An attacker could craft an image containing out‑of‑range 12‑bit samples that, when decompressed with merged upsampling enabled, may trigger a segmentation fault or buffer overflow, resulting in an application crash.

Privacy | General Terms & Conditions | Speed Test | Image Share | ASN

We use cookies to improve your experience. By continuing to use our site, you accept our use of cookies, revised Privacy Policy and Terms of Use.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

CVE-2023-2804 Red Hat, Inc. CVE-2023-2804: Heap Based Overflow libjpeg-turbo

Contact Info

Follow Us

Affiliations

More Info