CVE-2026-5441

Gravedad:

Pendiente de análisis

Tipo:

No Disponible / Otro tipo

Fecha de publicación:

09/04/2026

Última modificación:

09/04/2026

Descripción

*** Pendiente de traducción *** An out-of-bounds read vulnerability exists in the `DecodePsmctRle1` function of `DicomImageDecoder.cpp`. The `PMSCT_RLE1` decompression routine, which decodes the proprietary Philips Compression format, does not properly validate escape markers placed near the end of the compressed data stream. A crafted sequence at the end of the buffer can cause the decoder to read beyond the allocated memory region and leak heap data into the rendered image output.

Impacto

Referencias a soluciones, herramientas e información

https://kb.cert.org/vuls/id/536588
https://www.machinespirits.de/
https://www.orthanc-server.com/