Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2026-34379— OpenEXR has a misaligned write in LossyDctDecoder_execute leading to undefined behavior (DWA/DWAB decompression)

CVSS 7.1 · High EPSS 0.07% · P20
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2026-34379

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
OpenEXR has a misaligned write in LossyDctDecoder_execute leading to undefined behavior (DWA/DWAB decompression)
Source: NVD (National Vulnerability Database)
Vulnerability Description
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From 3.2.0 to before 3.2.7, 3.3.9, and 3.4.9, a misaligned memory write vulnerability exists in LossyDctDecoder_execute() in src/lib/OpenEXRCore/internal_dwa_decoder.h:749. When decoding a DWA or DWAB-compressed EXR file containing a FLOAT-type channel, the decoder performs an in-place HALF→FLOAT conversion by casting an unaligned uint8_t * row pointer to float * and writing through it. Because the row buffer may not be 4-byte aligned, this constitutes undefined behavior under the C standard and crashes immediately on architectures that enforce alignment (ARM, RISC-V, etc.). On x86 it is silently tolerated at runtime but remains exploitable via compiler optimizations that assume aligned access. This vulnerability is fixed in 3.2.7, 3.3.9, and 3.4.9.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
不正确的类型转换
Source: NVD (National Vulnerability Database)
Vulnerability Title
OpenEXR 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
OpenEXR是Academy Software Foundation开源的一种高动态范围图像(HDR)文件格式的开放标准。 OpenEXR 3.2.0至3.2.7之前版本、3.3.9之前版本和3.4.9之前版本存在安全漏洞,该漏洞源于内存写入未对齐,可能导致崩溃或可利用的未定义行为。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
AcademySoftwareFoundationopenexr >= 3.2.0, < 3.2.7 -

II. Public POCs for CVE-2026-34379

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2026-34379

登录查看更多情报信息。

Same Patch Batch · AcademySoftwareFoundation · 2026-04-06 · 5 CVEs total

CVE-2026-343786.5 MEDIUMOpenEXR has a signed integer overflow in generic_unpack() when parsing EXR files with craf
CVE-2026-343805.9 MEDIUMOpenEXR has a signed integer overflow (undefined behavior) in undo_pxr24_impl may allow bo
CVE-2026-34589OpenEXR: DWA Lossy Decoder Heap Out-of-Bounds Write
CVE-2026-34588OpenEXR has a signed 32-bit Overflow in PIZ Decoder Leads to OOB Read/Write

IV. Related Vulnerabilities

Same product: openexr
Same vendor: AcademySoftwareFoundation
Same weakness: CWE-704

V. Comments for CVE-2026-34379

No comments yet

Leave a comment