Description
iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger Undefined Behavior (UB) via a null-pointer member call in CIccCombinedConnectionConditions::CIccCombinedConnectionConditions() (reported by UBSan as “member call on null pointer of type CIccTagSpectralViewingConditions”). The issue is reachable when running iccApplyNamedCmm with -PCC using a malformed .icc profile. This issue has been patched in version 2.3.1.6.
Published: 2026-03-31
Score: 6.2 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Potential crash or undefined behavior
Action: Immediate Patch
AI Analysis

Impact

A crafted ICC profile can trigger undefined behavior when the CIccCombinedConnectionConditions constructor is invoked. The null-pointer member call may cause a crash or data corruption, affecting the stability and reliability of the iccDEV toolkit.

Affected Systems

InternationalColorConsortium iccDEV libraries and tools, including iccApplyNamedCmm with the -PCC option, are affected in all releases prior to version 2.3.1.6. The vulnerability is fixed in version 2.3.1.6 and later.

Risk and Exploitability

The vulnerability has a CVSS score of 6.2, indicating moderate severity. Exploit information is limited; EPSS is not available and the issue is not listed in the CISA KEV catalog. Attackers would need to supply a malicious ICC profile to iccApplyNamedCmm, implying a local or privileged execution scenario rather than a remote network attack.

Generated by OpenCVE AI on April 1, 2026 at 05:59 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade iccDEV to version 2.3.1.6 or later.
  • If an update is not immediately possible, isolate the tool from untrusted files and monitor for crashes.


Advisories

No advisories yet.

History

Mon, 20 Apr 2026 14:00:00 +0000

Type                  Values Removed   Values Added
First Time appeared   -                Color; Color iccdev
CPEs                  -                cpe:2.3:a:color:iccdev:*:*:*:*:*:*:*:*
Vendors & Products    -                Color; Color iccdev

Thu, 02 Apr 2026 20:30:00 +0000

Type                  Values Removed   Values Added
First Time appeared   -                Internationalcolorconsortium; Internationalcolorconsortium iccdev
Vendors & Products    -                Internationalcolorconsortium; Internationalcolorconsortium iccdev

Wed, 01 Apr 2026 23:45:00 +0000

Type      Values Removed   Values Added
Metrics   -                ssvc {'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Wed, 01 Apr 2026 02:15:00 +0000

Type          Values Removed   Values Added
Description   -                iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger Undefined Behavior (UB) via a null-pointer member call in CIccCombinedConnectionConditions::CIccCombinedConnectionConditions() (reported by UBSan as “member call on null pointer of type CIccTagSpectralViewingConditions”). The issue is reachable when running iccApplyNamedCmm with -PCC using a malformed .icc profile. This issue has been patched in version 2.3.1.6.
Title         -                iccDEV: UB in CIccCombinedConnectionConditions::CIccCombinedConnectionConditions()
Weaknesses    -                CWE-476
References    -                -
Metrics       -                cvssV3_1 {'score': 6.2, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'}


MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-04-01T18:53:18.285Z

Reserved: 2026-03-30T16:31:39.263Z

Link: CVE-2026-34541

Vulnrichment

Updated: 2026-04-01T18:53:11.723Z

NVD

Status : Analyzed

Published: 2026-03-31T22:16:21.763

Modified: 2026-04-20T13:54:00.160

Link: CVE-2026-34541

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-02T20:10:13Z

Weaknesses