CVE-2026-34378: CWE-190: Integer Overflow or Wraparound in AcademySoftwareFoundation openexr
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From 3.4.0 to before 3.4.9, a missing bounds check on the dataWindow attribute in EXR file headers allows an attacker to trigger a signed integer overflow in generic_unpack(). By setting dataWindow.min.x to a large negative value, OpenEXRCore computes an enormous image width, which is later used in a signed integer multiplication that overflows, causing the process to terminate with SIGILL via UBSan. This vulnerability is fixed in 3.4.9.
AI Analysis
Technical Summary
OpenEXR, a library implementing the EXR image format, contains a signed integer overflow vulnerability in versions 3.4.0 through 3.4.8. The vulnerability is triggered by specially crafted EXR file headers where the dataWindow.min.x attribute is set to a large negative value. This causes the generic_unpack() function to compute an excessively large image width without proper bounds checking. The subsequent signed integer multiplication overflows, causing the process to terminate abnormally with a SIGILL signal due to UBSan detection. This vulnerability is classified under CWE-190 (Integer Overflow or Wraparound) and has a CVSS v3.1 base score of 6.5 (medium severity). The issue is resolved in version 3.4.9 of OpenEXR.
Potential Impact
The vulnerability allows an attacker to cause a denial of service by crashing processes that parse maliciously crafted EXR files. There is no impact on confidentiality or integrity. No known exploits are reported in the wild. The crash is triggered by a signed integer overflow detected by UBSan, resulting in process termination (SIGILL).
Mitigation Recommendations
This vulnerability is fixed in OpenEXR version 3.4.9. Users should upgrade to version 3.4.9 or later to remediate this issue. Since the vendor advisory or patch links are not explicitly provided, confirm the upgrade availability from the official AcademySoftwareFoundation OpenEXR release notes or repository before applying. No other mitigations are indicated.
CVE-2026-34378: CWE-190: Integer Overflow or Wraparound in AcademySoftwareFoundation openexr
Description
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From 3.4.0 to before 3.4.9, a missing bounds check on the dataWindow attribute in EXR file headers allows an attacker to trigger a signed integer overflow in generic_unpack(). By setting dataWindow.min.x to a large negative value, OpenEXRCore computes an enormous image width, which is later used in a signed integer multiplication that overflows, causing the process to terminate with SIGILL via UBSan. This vulnerability is fixed in 3.4.9.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
OpenEXR, a library implementing the EXR image format, contains a signed integer overflow vulnerability in versions 3.4.0 through 3.4.8. The vulnerability is triggered by specially crafted EXR file headers where the dataWindow.min.x attribute is set to a large negative value. This causes the generic_unpack() function to compute an excessively large image width without proper bounds checking. The subsequent signed integer multiplication overflows, causing the process to terminate abnormally with a SIGILL signal due to UBSan detection. This vulnerability is classified under CWE-190 (Integer Overflow or Wraparound) and has a CVSS v3.1 base score of 6.5 (medium severity). The issue is resolved in version 3.4.9 of OpenEXR.
Potential Impact
The vulnerability allows an attacker to cause a denial of service by crashing processes that parse maliciously crafted EXR files. There is no impact on confidentiality or integrity. No known exploits are reported in the wild. The crash is triggered by a signed integer overflow detected by UBSan, resulting in process termination (SIGILL).
Mitigation Recommendations
This vulnerability is fixed in OpenEXR version 3.4.9. Users should upgrade to version 3.4.9 or later to remediate this issue. Since the vendor advisory or patch links are not explicitly provided, confirm the upgrade availability from the official AcademySoftwareFoundation OpenEXR release notes or repository before applying. No other mitigations are indicated.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- GitHub_M
- Date Reserved
- 2026-03-27T13:43:14.370Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 69d3d1a00a160ebd92c130dc
Added to database: 4/6/2026, 3:30:40 PM
Last enriched: 4/6/2026, 3:46:30 PM
Last updated: 4/6/2026, 5:14:30 PM
Views: 3
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.