Information

The pdfreader service is responsible for parsing PDF documents on Kindle e-reader devices.

An integer overflow in the CJBig2Image::expand() function of libfpdfemb.so allows an attacker to trigger a memory allocation that is too short for an image filtered by the JBig2Decode filter.
This later leads to a heap-based buffer overflow when the parsed image is handled.
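The bug class above, shown as an added example in C that is not the Kindle's libfpdfemb code: a hypothetical 1-bit-per-pixel bitmap whose byte count is computed from stride and row count. The unchecked computation wraps in 32-bit arithmetic, so a large (stride, height) pair produces a small size that would be passed to the allocator; the checked version does the multiplication in 64 bits, enforces an assumed cap (MAX_BITMAP_BYTES), and refuses the request. The Bitmap struct, the function names and the constructed dimensions are all assumptions made for this illustration.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#include <stdio.h>

/* Hypothetical 1-bit-per-pixel bitmap, rows padded to whole bytes.
 * This models the bug class only; it is not the libfpdfemb layout. */
typedef struct {
    uint32_t width;   /* pixels */
    uint32_t height;  /* rows */
    uint32_t stride;  /* bytes per row = (width + 7) / 8 */
    uint8_t *data;    /* stride * height bytes */
} Bitmap;

/* Assumed upper bound on a single bitmap allocation for this example. */
#define MAX_BITMAP_BYTES (64u * 1024u * 1024u)

/* Vulnerable pattern: the byte count is computed in 32-bit arithmetic and
 * silently wraps, so a huge (stride, height) pair yields a small number. */
uint32_t unchecked_expand_size(uint32_t stride, uint32_t new_height) {
    return stride * new_height;
}

/* Hardened pattern: multiply in 64 bits so the product cannot wrap, then
 * enforce an explicit cap. Returns 0 and stores the size on success, -1 otherwise. */
int checked_expand_size(uint32_t stride, uint32_t new_height, size_t *out) {
    uint64_t bytes;
    if (stride == 0 || new_height == 0) return -1;
    bytes = (uint64_t)stride * (uint64_t)new_height;
    if (bytes > MAX_BITMAP_BYTES) return -1;
    *out = (size_t)bytes;
    return 0;
}

/* Convenience wrapper: 1 if the checked computation rejects the dimensions. */
int checked_rejects(uint32_t stride, uint32_t new_height) {
    size_t n;
    return checked_expand_size(stride, new_height, &n) != 0;
}

/* 1 when the wrapped 32-bit product is smaller than the real byte count,
 * i.e. when the unchecked code would allocate a buffer that is too short. */
int would_underallocate(uint32_t stride, uint32_t new_height) {
    uint64_t real = (uint64_t)stride * (uint64_t)new_height;
    return (uint64_t)unchecked_expand_size(stride, new_height) < real;
}

/* Builds a constructed bitmap of width x height with every byte set to fill. */
int bitmap_init(Bitmap *bm, uint32_t width, uint32_t height, uint8_t fill) {
    size_t nbytes;
    if (width > UINT32_MAX - 7) return -1;      /* (width + 7) must not wrap either */
    bm->width = width;
    bm->height = height;
    bm->stride = (width + 7) / 8;
    if (checked_expand_size(bm->stride, height, &nbytes) != 0) return -1;
    bm->data = malloc(nbytes);
    if (bm->data == NULL) return -1;
    memset(bm->data, fill, nbytes);
    return 0;
}

/* Grows bm to new_height rows, keeping existing pixels and zeroing new rows.
 * Only the checked size reaches the allocator, so the copy below always fits. */
int bitmap_expand(Bitmap *bm, uint32_t new_height) {
    size_t nbytes;
    uint8_t *fresh;
    if (new_height < bm->height) return -1;     /* this helper only grows */
    if (checked_expand_size(bm->stride, new_height, &nbytes) != 0) return -1;
    fresh = calloc(1, nbytes);
    if (fresh == NULL) return -1;
    memcpy(fresh, bm->data, (size_t)bm->stride * bm->height);
    free(bm->data);
    bm->data = fresh;
    bm->height = new_height;
    return 0;
}

/* Constructed round trip: a 16x2 bitmap filled with 0xAA expanded to 4 rows.
 * Returns the new height if old bytes survived and new rows are zero, else -1. */
int demo_expand(void) {
    Bitmap bm;
    int ok;
    if (bitmap_init(&bm, 16, 2, 0xAA) != 0) return -1;
    if (bitmap_expand(&bm, 4) != 0) { free(bm.data); return -1; }
    ok = bm.data[0] == 0xAA && bm.data[3] == 0xAA && bm.data[4] == 0 && bm.data[7] == 0;
    free(bm.data);
    return ok ? (int)bm.height : -1;
}

int main(void) {
    /* Constructed dimensions: stride 0x10000 and 0x10001 rows need 0x100010000
     * bytes, but the 32-bit product wraps to 0x10000. */
    printf("unchecked size: 0x%x, underallocates: %d, checked rejects: %d\n",
           unchecked_expand_size(0x10000u, 0x10001u),
           would_underallocate(0x10000u, 0x10001u),
           checked_rejects(0x10000u, 0x10001u));
    printf("demo expand height: %d\n", demo_expand());
    return 0;
}
```

The detection angle for a reviewer or fuzzer is the same in both functions: any size that feeds an allocator should be derived from a multiplication that cannot wrap, and a parser that accepts attacker-controlled dimensions should reject values above a documented maximum before the product is ever formed.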


Attachments:
jbig2_overflow.pdf

References:
https://research.checkpoint.com/2021/i-can-take-over-your-kindle/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30354