CVE-2024-28563 identifies a buffer overflow vulnerability in the FreeImage open source library, version 3.19.0, specifically within the Imf_2_2::DwaCompressor::Classifier::Classifier() function. This function is involved in decompressing images in the EXR format, a high dynamic range image file format widely used in professional graphics and visual effects. The vulnerability arises due to improper bounds checking during the classification process of the DWA compression algorithm, leading to a buffer overflow condition. Exploiting this flaw allows a local attacker to cause a denial of service by crashing the application that uses FreeImage to process a maliciously crafted EXR image. The CVSS 3.1 base score is 5.9 (medium severity), reflecting that the attack vector is local (AV:L), requires low attack complexity (AC:L), no privileges (PR:N), no user interaction (UI:N), and impacts confidentiality, integrity, and availability to a limited extent (C:L/I:L/A:L). No known exploits have been reported in the wild, and no patches are currently available, increasing the importance of proactive mitigation. The vulnerability is classified under CWE-121 (Stack-based Buffer Overflow), a common and critical software weakness that can lead to crashes or potentially more severe exploitation if combined with other vulnerabilities.

The primary impact of CVE-2024-28563 is denial of service, where applications using FreeImage to process EXR images may crash or become unstable when handling maliciously crafted files. This can disrupt workflows in industries relying on image processing, such as digital content creation, visual effects, gaming, and multimedia software development. Although the vulnerability requires local access, it can be exploited by malicious insiders or through compromised local accounts, potentially affecting development environments, automated image processing pipelines, or desktop applications. The limited impact on confidentiality and integrity reduces the risk of data breaches or code execution, but service availability interruptions can cause operational delays and productivity loss. Organizations with automated image processing or rendering systems that use FreeImage are particularly vulnerable to unexpected downtime. The absence of patches and known exploits means the threat is currently theoretical but should be addressed promptly to prevent future exploitation.

1. Restrict local access to systems running applications that use FreeImage, especially those processing EXR images, to trusted users only. 2. Monitor application logs and system stability for crashes or unusual behavior related to image processing tasks. 3. Implement application-level sandboxing or containerization to isolate FreeImage processes and limit the impact of potential crashes. 4. Avoid processing untrusted or unauthenticated EXR image files locally until a patch is released. 5. Engage with FreeImage maintainers or community to track patch releases and apply updates promptly once available. 6. Consider alternative image processing libraries without this vulnerability for critical workflows if immediate patching is not feasible. 7. Conduct code audits or fuzz testing on FreeImage usage in your environment to identify and mitigate similar vulnerabilities proactively. 8. Educate local users about the risks of opening untrusted EXR files and enforce strict file handling policies.