The Achilles' heel of servers: hacking through JPEG 2000 images

Vulnerabilities in Kakadu put millions of servers at risk.

Google's Cloud Vulnerability Research (CVR) team has discovered vulnerabilities in Kakadu, an image library used to process JPEG 2000 files. The bugs allow an attacker who can get a server to decode a crafted image to read files from that server and to execute arbitrary code on it, without prior knowledge of the server's binary or runtime environment.

JPEG 2000 is a widely used image compression standard, and Kakadu is one of the leading libraries implementing it. The CVR team identified a number of vulnerabilities in the library's image-processing code. One of the key difficulties in exploiting such bugs is that the execution environment is unknown: the attacker does not know which build of the library, which heap layout or which operating system is on the other side, which makes the traditional approach of tailoring an exploit to a known target ineffective. The researchers worked around this limitation with a "conditional corruption" technique, crafting the image so that it only corrupts memory when the conditions for a successful attack are present, so that the image itself creates those conditions.

The first vulnerability is an arbitrary file read on the server. JPEG 2000's container format allows the codestream to be assembled from fragments, and a fragment can be declared to come from somewhere other than the image file itself; an attacker can therefore substitute bytes from a local file on the server for part of the image data. This exposes sensitive information, including the process's memory map files (on Linux, /proc/self/maps) and its environment. The second vulnerability is a heap overflow: an integer overflow in a multiplication used to compute a buffer size in the library code leads to data being written past the end of the allocated buffer, into memory that was not intended for it.
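As an added illustration (this is not code from Google's write-up or from Kakadu), the following Python scanner walks the JP2 container's box structure and reports any codestream fragment that is declared to live outside the uploaded file, which is the mechanism the file-read primitive above relies on. The box names and field layouts used here (the ftbl/flst fragment table and the dtbl/url data references) are taken from the JP2 file format specification, ISO/IEC 15444-1 Annex I, not from the article; the two sample files are constructed inline and the file:// path in the hostile one is an assumption for demonstration.

```python
import struct

# Box layouts below follow ISO/IEC 15444-1 Annex I (JP2 file format);
# the article itself names none of these boxes.
SUPERBOXES = {b"jp2h", b"ftbl", b"jpch", b"jplh", b"res ", b"uinf"}


def iter_boxes(data, start=0, end=None):
    """Yield (type, payload_start, payload_end) for each box in data[start:end]."""
    end = len(data) if end is None else end
    pos = start
    while pos + 8 <= end:
        lbox, tbox = struct.unpack_from(">I4s", data, pos)
        hdr = 8
        if lbox == 1:                      # extended 64-bit length follows
            if pos + 16 > end:
                raise ValueError(f"truncated XLBox at {pos}")
            (lbox,) = struct.unpack_from(">Q", data, pos + 8)
            hdr = 16
        elif lbox == 0:                    # box runs to the end of the file
            lbox = end - pos
        if lbox < hdr or pos + lbox > end:
            raise ValueError(f"malformed {tbox!r} box at {pos}")
        yield tbox, pos + hdr, pos + lbox
        pos += lbox


def scan_external_references(data):
    """Return (urls, fragments): data-reference URLs declared in 'dtbl' boxes
    and fragment-list entries whose DR index is non-zero, i.e. codestream
    fragments that a decoder would fetch from somewhere other than this file."""
    urls, fragments = [], []

    def walk(start, end):
        for tbox, ps, pe in iter_boxes(data, start, end):
            if tbox == b"dtbl":
                # NDR (16 bits), then NDR Data Entry URL boxes
                for t, s, e in iter_boxes(data, ps + 2, pe):
                    if t == b"url ":
                        # VERS (1 byte), FLAG (3 bytes), LOC (NUL-terminated string)
                        loc = data[s + 4:e].split(b"\x00", 1)[0]
                        urls.append(loc.decode("utf-8", "replace"))
            elif tbox == b"flst":
                (nf,) = struct.unpack_from(">H", data, ps)
                pos = ps + 2
                for _ in range(nf):
                    if pos + 14 > pe:
                        raise ValueError("fragment list overruns its box")
                    off, length, dr = struct.unpack_from(">QIH", data, pos)
                    pos += 14
                    if dr != 0:            # DR 0 means "this file"; anything else is a data reference
                        fragments.append((off, length, dr))
            elif tbox in SUPERBOXES:
                walk(ps, pe)

    walk(0, len(data))
    return urls, fragments


def uses_external_data(data):
    """True if decoding this JP2 would make the library read bytes from outside the upload."""
    urls, fragments = scan_external_references(data)
    return bool(urls or fragments)


def _box(tbox, payload):
    return struct.pack(">I4s", 8 + len(payload), tbox) + payload


# Constructed samples, not real-world files. The hostile one declares a 4096-byte
# fragment at offset 0 of data reference 1, which resolves to a file:// URL (an
# assumed path): a decoder that honours data references would splice that file's
# contents into the codestream in place of image data.
SIGNATURE = _box(b"jP  ", b"\r\n\x87\n") + _box(b"ftyp", b"jp2 \x00\x00\x00\x00jp2 ")
HOSTILE_JP2 = (
    SIGNATURE
    + _box(b"ftbl", _box(b"flst", struct.pack(">HQIH", 1, 0, 4096, 1)))
    + _box(b"dtbl", struct.pack(">H", 1)
           + _box(b"url ", b"\x00\x00\x00\x00file:///proc/self/environ\x00"))
)
CLEAN_JP2 = SIGNATURE + _box(b"jp2c", b"\xff\x4f\xff\x51")  # codestream: SOC, start of SIZ

if __name__ == "__main__":
    for name, blob in (("hostile", HOSTILE_JP2), ("clean", CLEAN_JP2)):
        print(name, scan_external_references(blob), uses_external_data(blob))
```

Run it as a pre-decode check on uploads: any non-empty result is a file that asks the decoder to fetch data from elsewhere, which a server-side image pipeline has no reason to honour. The scanner only covers the file-read vector; it does nothing against the heap overflow, for which updating the library is the only fix.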

Exploitation is further complicated by the fact that, behind a load balancer, there is no guarantee that repeated requests will be handled by the same server. To deal with this, the CVR team used a technique that relies on unique characteristics of Kakadu's output to recognise which servers are running the library, so that later stages of the attack could be aimed accurately.

In addition, CVR developed a way to get past standard mitigations such as Address Space Layout Randomization (ASLR), which randomizes where code and data are placed so that the addresses an exploit needs cannot be predicted in advance. This is possible because the file-read primitive leaks the process's memory layout at attack time, and the leaked data is used to adjust the subsequent attack stages.

This research demonstrates how serious even seemingly minor vulnerabilities in widely used libraries can be. Users of the Kakadu library are strongly advised to update to the latest version to avoid attacks exploiting the vulnerabilities discovered.
