Preface: The nvJPEG library provides low-latency decoding, encoding, and transcoding for common JPEG formats used in computer vision applications such as image classification, object detection and image segmentation.
Background: The nvJPEG library enables the following functions: use the JPEG image data stream as input; retrieve the width and height of the image from the data stream, and use this retrieved information to manage the GPU memory allocation and the decoding.
To use the nvJPEG library, start by calling the helper functions for initialization. Create nvJPEG library handle with one of the helper functions nvjpegCreateSimple() or nvjpegCreateEx() . Create JPEG state with the helper function nvjpegJpegStateCreate() . See nvJPEG Type Declarations and nvjpegJpegStateCreate() .
The nvJPEG library provides high-performance, GPU accelerated JPEG decoding functionality for image formats commonly used in deep learning and hyperscale multimedia applications.
Ref: Arrays in C/C++ are zero-indexed, meaning that if an array has `n` elements, valid indices range from `0` to `n-1`. Accessing an index outside this range leads to out-of-bounds access. Pointers in C/C++ provide direct memory manipulation capabilities, but this power comes with the risk of “out-of-bounds” access.
Vulnerability details: NVIDIA nvJPEG library contains a vulnerability where an attacker can cause an out-of-bounds read by means of a specially crafted JPEG file. A successful exploit of this vulnerability might lead to information disclosure or denial of service.
Official announcement: For more details, please click the link.