CVE-2024-28576: n/a
Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to cause a denial of service (DoS) via the opj_j2k_tcp_destroy() function when reading images in J2K format.
AI Analysis
Technical Summary
CVE-2024-28576 is a buffer overflow in FreeImage 3.19.0 (SVN revision r1909) that is reached through opj_j2k_tcp_destroy() while reading a J2K image, that is, a raw JPEG 2000 codestream. The function belongs to the OpenJPEG decoder that FreeImage bundles in its source tree (LibOpenJPEG); "tcp" here is OpenJPEG's tile coding parameter structure (opj_tcp_t), not the network protocol, and opj_j2k_tcp_destroy() releases one tile's coding parameters when the codestream object is torn down. The CVE text names only the crash site: it says the overflow manifests in this function and leads to a crash, not where the out-of-bounds access originates, so "improper bounds checking during teardown" is an inference from the function name rather than a confirmed root cause. Triggering it takes nothing more than a crafted J2K file handed to an application that decodes it with the vulnerable library. The CVSS v3.1 vector (AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H) rates it as local, low complexity, low privileges, no user interaction, with an availability impact only and no confidentiality or integrity impact; the weakness is classified under CWE-120 (Classic Buffer Overflow). No fix and no in-the-wild exploitation had been reported at the time of disclosure.
Potential Impact
The impact is denial of service: an application that decodes a crafted J2K file with the vulnerable FreeImage crashes, which disrupts interactive use, batch conversion jobs, thumbnailers and any service built on the library. The CVSS vector rates the attack vector as local, which is the usual convention for a bug reached by opening a file, but practical exposure follows the data path rather than the login: a web service, mail gateway or ingestion pipeline that decodes J2K files supplied by remote users hands those users the same trigger, so network-reachable decoders of untrusted images should be treated as exposed alongside shared workstations, development hosts and other multi-user systems. On the advisory's own terms there is no confidentiality or integrity impact, so data theft or tampering is not the concern; a buffer overflow in a native decoder is rarely guaranteed to stop at a crash in every build and allocator, but the page offers no evidence beyond DoS and this analysis stays with the published rating. What matters operationally is repeated crashes of a worker or daemon, which can stall an imaging pipeline until it is restarted and may need incident response to identify and quarantine the offending file.
Mitigation Recommendations
Inventory first: find deployments that use FreeImage 3.19.0 with JPEG 2000 support and determine whether they link the bundled LibOpenJPEG sources or a system OpenJPEG, since that decides where a fix has to land and whether a distribution update will cover it. Until a fixed FreeImage is available, disable the JPEG 2000 plugins where they are not essential (FreeImage_SetPluginEnabled(FIF_J2K, FALSE) at startup; JP2 files wrap the same codestream and go through the same decoder, so FIF_JP2 is normally disabled with it) and keep untrusted J2K input away from the library, whether it arrives from a local user or from an upload endpoint. Run decoders in a separate, restartable worker under a sandbox and a memory limit so that a crash costs one job rather than the whole service, and validate J2K headers before decoding so that obviously malformed files never reach the decoder. Monitor for abnormal terminations of image-handling processes (SIGSEGV or SIGABRT in a decoder worker, core dumps whose backtrace names opj_j2k_tcp_destroy) and retain the input file for triage; application allow-listing and endpoint protection help with the generic case of a user running an unexpected decoder. Developers who maintain their own build should compile with AddressSanitizer and fuzz the J2K path with a seed corpus, since sanitizer output locates the offending out-of-bounds write rather than the teardown routine where the crash is reported. Keep a runbook for restarting affected workers and an incident response plan for repeated DoS.
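The "validate J2K headers before decoding" step above is easiest to apply as a pre-filter in front of the decoder. As an added example, not code from the page, from FreeImage or from OpenJPEG, the following Python walks the main header of a raw J2K codestream, checks that every marker segment length stays inside the buffer, sanity-checks the SIZ geometry (tile sizes, origins, subsampling, precision) and caps the tile grid, which is what OpenJPEG uses to size its per-tile coding parameter (tcp) array. The policy limits (MAX_TILES, MAX_COMPONENTS, MAX_PIXELS), the function names and the sample codestreams are assumptions constructed for the example; nothing here is a fix for CVE-2024-28576, whose trigger is not published on this page. It is a way to reject files that no legitimate producer would emit before a native decoder touches them.

```python
"""Pre-decode sanity check for raw J2K (JPEG 2000 Part 1) codestreams.
Added example, not FreeImage or OpenJPEG code."""
import struct

# Marker codes from ISO/IEC 15444-1 Annex A.
SOC = 0xFF4F  # start of codestream
SIZ = 0xFF51  # image and tile size (must follow SOC)
COD = 0xFF52  # coding style default (required in main header)
QCD = 0xFF5C  # quantization default (required in main header)
SOT = 0xFF90  # start of tile-part; ends the main header
EOC = 0xFFD9  # end of codestream

# Policy caps chosen for this example (assumptions, not spec limits; the
# spec allows up to 16384 components and 2^32-1 pixel reference grids).
MAX_COMPONENTS = 64
MAX_TILES = 4096
MAX_PIXELS = 64 * 1024 * 1024


class J2KRejected(ValueError):
    """Raised for any codestream this pre-filter refuses to pass on."""


def _ceil_div(a: int, b: int) -> int:
    return -(-a // b)


def parse_siz(body: bytes) -> dict:
    """Parse and sanity-check a SIZ segment body (everything after Lsiz)."""
    if len(body) < 36:
        raise J2KRejected("SIZ segment too short")
    (_rsiz, xsiz, ysiz, xosiz, yosiz, xtsiz, ytsiz,
     xtosiz, ytosiz, csiz) = struct.unpack(">HIIIIIIIIH", body[:36])
    if len(body) != 36 + 3 * csiz:
        raise J2KRejected("Lsiz inconsistent with Csiz")
    if not 1 <= csiz <= MAX_COMPONENTS:
        raise J2KRejected(f"component count {csiz} outside policy")
    if xtsiz == 0 or ytsiz == 0:
        raise J2KRejected("zero tile dimension")
    if xosiz >= xsiz or yosiz >= ysiz:
        raise J2KRejected("image origin lies outside the reference grid")
    if xtosiz > xosiz or ytosiz > yosiz:
        raise J2KRejected("tile origin lies past the image origin")
    if xtosiz + xtsiz <= xosiz or ytosiz + ytsiz <= yosiz:
        raise J2KRejected("first tile does not cover the image origin")
    for i in range(csiz):
        ssiz, xrsiz, yrsiz = body[36 + 3 * i:39 + 3 * i]
        if xrsiz == 0 or yrsiz == 0:
            raise J2KRejected(f"component {i} has zero subsampling factor")
        if (ssiz & 0x7F) + 1 > 38:  # spec maximum is 38-bit precision
            raise J2KRejected(f"component {i} precision out of range")
    # OpenJPEG allocates one tile coding parameter (tcp) struct per tile
    # of this grid, so the grid is capped before a decoder ever sees it.
    tiles_x = _ceil_div(xsiz - xtosiz, xtsiz)
    tiles_y = _ceil_div(ysiz - ytosiz, ytsiz)
    if tiles_x * tiles_y > MAX_TILES:
        raise J2KRejected(f"tile grid {tiles_x}x{tiles_y} exceeds policy")
    if (xsiz - xosiz) * (ysiz - yosiz) > MAX_PIXELS:
        raise J2KRejected("image area exceeds policy")
    return {"width": xsiz - xosiz, "height": ysiz - yosiz,
            "components": csiz, "tiles": tiles_x * tiles_y}


def check_j2k(data: bytes) -> dict:
    """Walk the main header (SOC, SIZ, ..., SOT) and return SIZ facts."""
    if len(data) < 4 or struct.unpack(">H", data[:2])[0] != SOC:
        raise J2KRejected("missing SOC marker")
    pos, siz, seen = 2, None, set()
    while True:
        if pos + 2 > len(data):
            raise J2KRejected("main header truncated before SOT")
        marker = struct.unpack(">H", data[pos:pos + 2])[0]
        if marker == SOT:
            break
        if 0xFF30 <= marker <= 0xFF3F:  # reserved markers carry no length
            pos += 2
            continue
        if marker == EOC or marker < 0xFF00:
            raise J2KRejected(f"unexpected marker 0x{marker:04X} in main header")
        if pos + 4 > len(data):
            raise J2KRejected("marker segment length truncated")
        length = struct.unpack(">H", data[pos + 2:pos + 4])[0]
        if length < 2 or pos + 2 + length > len(data):
            raise J2KRejected(f"marker 0x{marker:04X} length {length} out of bounds")
        body = data[pos + 4:pos + 2 + length]
        if siz is None:
            if marker != SIZ:
                raise J2KRejected("SIZ must immediately follow SOC")
            siz = parse_siz(body)
        seen.add(marker)
        pos += 2 + length
    if COD not in seen or QCD not in seen:
        raise J2KRejected("main header lacks required COD/QCD segment")
    siz["header_end"] = pos
    return siz


def reject_reason(data: bytes):
    """None if the codestream passes the pre-filter, else the reason."""
    try:
        check_j2k(data)
    except J2KRejected as exc:
        return str(exc)
    return None


def build_siz(xsiz, ysiz, xtsiz, ytsiz, csiz=1) -> bytes:
    """Constructed SIZ segment: 8-bit unsigned components, no subsampling."""
    body = struct.pack(">HIIIIIIIIH", 0, xsiz, ysiz, 0, 0, xtsiz, ytsiz, 0, 0, csiz)
    body += bytes([7, 1, 1]) * csiz
    return struct.pack(">HH", SIZ, 2 + len(body)) + body


def build_main_header(siz_segment: bytes, with_cod_qcd=True) -> bytes:
    """Constructed main header: SOC, SIZ, minimal COD and QCD, then SOT."""
    cod = struct.pack(">HH", COD, 12) + bytes([0, 0, 0, 1, 0, 0, 4, 4, 0, 1])
    qcd = struct.pack(">HH", QCD, 4) + bytes([0x40, 0x40])
    sot = struct.pack(">HH", SOT, 10) + bytes(8)
    middle = cod + qcd if with_cod_qcd else b""
    return struct.pack(">H", SOC) + siz_segment + middle + sot


if __name__ == "__main__":
    good = build_main_header(build_siz(256, 256, 64, 64))
    print("accepted:", check_j2k(good))
    for bad in (build_main_header(build_siz(256, 256, 0, 64)),
                build_main_header(build_siz(1 << 31, 1 << 31, 1, 1)),
                good[:20]):
        print("rejected:", reject_reason(bad))
```

The filter only reads the main header, so it is cheap enough to run on every upload; anything it accepts still goes to the decoder inside the sandboxed worker described above, because a well-formed header says nothing about the tile-part data that follows it.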
Affected Countries
United States, Germany, Japan, South Korea, China, France, United Kingdom, Canada, India, Australia
Technical Details
- Data Version: 5.1
- Assigner Short Name: mitre
- Date Reserved: 2024-03-08T00:00:00.000Z
- Cvss Version: 3.1
- State: PUBLISHED
Threat ID: 699f6d93b7ef31ef0b588d2b
Added to database: 2/25/2026, 9:45:55 PM
Last enriched: 2/28/2026, 10:23:37 AM
Last updated: 4/12/2026, 3:46:46 PM