CVE-2017-9115

Priority
Description
In OpenEXR 2.2.0, an invalid write of size 2 in the = operator function in
half.h could cause the application to crash or execute arbitrary code.
Assigned-to
mdeslaur
Notes
mdeslaursee suse bug for reproducer with exrmakepreview
first patch in upstream bug doesn't cover this CVE

The patch for this issue was dropped during the focal
development cycle by mistake.
More Information

Updated: 2020-04-27 14:14:29 UTC (commit ea8bdde3a892c44768269a44487136aceed4d8b1)