Bug #1170: Issue when rendering an invalid monochrome DICOM image where the number of pixels stored does not match the expected number of pixel - DCMTK - OFFIS DCMTK and DICOM Projects

Actions

Copy link

Bug #1170

closed

Issue when rendering an invalid monochrome DICOM image where the number of pixels stored does not match the expected number of pixel

Added by Marco Eichelberg 3 days ago.

Status:

Closed

Priority:

Normal

Assignee:

Jörg Riesmeier

Category:

Target version:

Start date:

2025-11-06

Due date:

% Done:

100%

Estimated time:

Module:

Operating System:

Compiler:

Description

There is an issue when rendering an invalid monochrome DICOM image where the number of pixels stored does not match the expected number of pixels. In this case, only a single pixel is processed, but the pixel matrix is much larger. Filling the rest of the pixel matrix with the smallest possible value for the image is not working because of an optimized memory usage (value would be out of range).

Thanks to Ding zhengzheng <xiaozheng.ding399@gmail.com> for the report and the sample file (PoC).

Closed by commit #410ffe201.

This issue was registered as CVE-2025-25472 (https://www.cve.org/CVERecord?id=CVE-2025-25472).

No data to display

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

DCMTK

Bug #1170

Issue when rendering an invalid monochrome DICOM image where the number of pixels stored does not match the expected number of pixel