ZCyberNews
CVE-2026-43996

OpenImageIO TGA Decoder Flaw CVE-2026-43996 Enables OOB Read

CVE-2026-43996 (CVSS 5.5) in the OpenImageIO TGA decoder uses an unsigned 32-bit wraparound to bypass a bounds check, enabling an out-of-bounds read. It affects releases prior to 3.0.18.0 and 3.1.13.0.



Executive Summary

A bounds-check bypass vulnerability in OpenImageIO's TGA image decoder, tracked as CVE-2026-43996, allows an attacker to trigger an out-of-bounds (OOB) read by crafting a malicious TGA file. The flaw, rated CVSS 5.5 (medium severity), stems from unsigned 32-bit integer wraparound in the TGAInput::decode_pixel function. OpenImageIO versions prior to 3.0.18.0 and 3.1.13.0 are affected. The project maintainers released patches on May 12, 2026, according to the GitHub security advisory (GHSA-mq8j-73c4-cr55). Organizations in visual effects (VFX), animation, and media production that rely on OpenImageIO for image processing pipelines should prioritize updating to the patched versions.

Technical Analysis

OpenImageIO is a widely used open-source library for reading, writing, and manipulating image files across formats relevant to VFX and animation pipelines, including TGA (Truevision Targa). The vulnerability resides in the TGAInput::decode_pixel method, which handles palette-indexed pixel decoding for TGA images.

According to the advisory published by the Academy Software Foundation, the bounds check computes k + palbytespp in unsigned 32-bit arithmetic and compares the sum against palette_alloc_size. If a crafted file drives the palette index k to 0xFFFFFFFC (four below the maximum 32-bit unsigned value) while the palette bytes per pixel (palbytespp) is 4, the addition wraps to 0. A sum of 0 never exceeds the allocated palette size, so the check passes and decode_pixel goes on to read palbytespp bytes from the palette buffer at offset 0xFFFFFFFC, far beyond the end of the allocation. Because the bytes read from the palette become the decoded pixel value, this OOB read can leak process memory into the output image or crash the decoder.

The advisory notes that the vulnerability was found internally by the OpenImageIO development team during code review, not through an external report. No public proof-of-concept or active exploitation had been confirmed as of the advisory's publication date. The flaw nonetheless needs nothing more than a crafted TGA file to trigger, which makes it a credible risk for any system that decodes untrusted TGA images with an affected version.

Patched versions 3.0.18.0 and 3.1.13.0 fix the issue by widening the bounds-check arithmetic to 64-bit unsigned integers, so the sum of two 32-bit values can no longer wrap. The fix was merged into the main branch on April 30, 2026, and shipped in the May 12 patch releases.
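To make the wraparound concrete, the following C program is an added illustration and is not OpenImageIO's code. It assumes the check has the shape "reject when k + palbytespp exceeds palette_alloc_size" and simulates the palette read instead of performing it, so the program is free of undefined behaviour. The function names, the 1024-byte palette size and the return codes are assumptions for the demonstration. The 32-bit variant accepts the advisory's k = 0xFFFFFFFC, palbytespp = 4 pair because the sum wraps to 0; the 64-bit variant, mirroring the fix, rejects it.

```c
#include <stdint.h>
#include <stdio.h>

/*
 * Added illustration of the CVE-2026-43996 bounds-check bypass.
 * Not OpenImageIO code: the check shape (sum compared against the
 * allocation size) and the simulated read are assumptions.
 */

/* Vulnerable form: the sum is computed in 32-bit unsigned arithmetic and wraps.
   Returns 1 when the read is allowed, 0 when it is rejected. */
int palette_read_allowed_u32(uint32_t k, uint32_t palbytespp, uint32_t palette_alloc_size)
{
    uint32_t end = k + palbytespp;          /* 0xFFFFFFFC + 4 == 0 (mod 2^32) */
    return end <= palette_alloc_size;       /* 0 <= palette_alloc_size: passes */
}

/* Fixed form: widen before adding; two 32-bit values cannot overflow a uint64_t. */
int palette_read_allowed_u64(uint32_t k, uint32_t palbytespp, uint32_t palette_alloc_size)
{
    uint64_t end = (uint64_t)k + (uint64_t)palbytespp;
    return end <= palette_alloc_size;
}

/*
 * Simulated decode step. Returns:
 *   -1  index rejected by the bounds check,
 *    0  check passed and [k, k + palbytespp) lies inside the palette,
 *    1  check passed but the read would run past the end of the palette,
 *       i.e. the out-of-bounds read the advisory describes.
 * The read itself is never performed.
 */
int simulate_decode(int (*allowed)(uint32_t, uint32_t, uint32_t),
                    uint32_t k, uint32_t palbytespp, uint32_t palette_alloc_size)
{
    if (!allowed(k, palbytespp, palette_alloc_size))
        return -1;
    uint64_t end = (uint64_t)k + palbytespp;   /* exact, for the verdict only */
    return end <= palette_alloc_size ? 0 : 1;
}

int main(void)
{
    const uint32_t alloc = 256 * 4;   /* constructed: 256-entry, 32-bit palette */
    const uint32_t k = 0xFFFFFFFCu;   /* index from the advisory's example */
    const uint32_t bpp = 4;

    printf("u32 check, k=0xFFFFFFFC: %d (1 = OOB read would happen)\n",
           simulate_decode(palette_read_allowed_u32, k, bpp, alloc));
    printf("u64 check, k=0xFFFFFFFC: %d (-1 = rejected)\n",
           simulate_decode(palette_read_allowed_u64, k, bpp, alloc));
    printf("u64 check, k=12: %d (0 = in bounds)\n",
           simulate_decode(palette_read_allowed_u64, 12, bpp, alloc));
    return 0;
}
```

The widening is the whole fix: once both operands are promoted to 64 bits, the largest possible sum (2^33 - 2) is representable, and any k at or past the end of the buffer is caught by the same comparison that the wrapped sum slipped through.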

Mitigations & Recommendations

Defenders should update OpenImageIO to 3.0.18.0 or 3.1.13.0 (or later) on every system that decodes TGA files, in particular render farms, asset management servers and workstations in media production environments. Where immediate patching is not feasible, restrict TGA ingestion to trusted sources and reject files whose palette header fields are inconsistent before they reach the decoder. Given the CVSS 5.5 rating and the absence of known in-the-wild exploitation, the flaw is unlikely to be a priority for most organizations outside the VFX and animation sectors, but the potential for memory disclosure in multi-tenant rendering pipelines, where one tenant's crafted input could surface another tenant's data in decoded pixels, warrants attention.
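One concrete form of the "reject malformed palette data before decoding" mitigation, written here as an added example rather than as any existing tool's code: a strict check over the colour-map fields of the 18-byte TGA header. The field layout comes from the TGA specification; the function names, error codes, the constructed sample file and the deliberately strict policy (a palette may not declare entries beyond what the pixel index width can address, and the file must physically contain the palette it declares) are assumptions. Because the advisory text above does not spell out which header values produce the wrapped index, this is a generic pre-ingestion filter, not a detector for this specific CVE.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Result codes for tga_palette_check() (names are this example's own). */
enum {
    TGA_OK               =  0,
    TGA_ERR_SHORT_HEADER = -1,   /* fewer than 18 bytes available */
    TGA_ERR_NOT_PALETTED = -2,   /* image_type 1/9 but color_map_type != 1 */
    TGA_ERR_ENTRY_SIZE   = -3,   /* entry size not 15, 16, 24 or 32 bits */
    TGA_ERR_EMPTY_MAP    = -4,   /* color_map_length == 0 */
    TGA_ERR_INDEX_RANGE  = -5,   /* declared entries exceed what pixel_depth can index */
    TGA_ERR_TRUNCATED    = -6    /* file too small to hold the declared palette */
};

static uint16_t rd16le(const uint8_t *p) { return (uint16_t)(p[0] | (p[1] << 8)); }

/* Strict sanity check of the colour-map header fields of a TGA file. */
int tga_palette_check(const uint8_t *buf, size_t len)
{
    if (len < 18) return TGA_ERR_SHORT_HEADER;
    uint8_t  id_length   = buf[0];
    uint8_t  cmap_type   = buf[1];
    uint8_t  image_type  = buf[2];
    uint32_t cmap_first  = rd16le(buf + 3);   /* widened: the sum below cannot wrap */
    uint32_t cmap_len    = rd16le(buf + 5);
    uint8_t  cmap_bits   = buf[7];
    uint8_t  pixel_depth = buf[16];

    int paletted = (image_type == 1 || image_type == 9);   /* raw / RLE colour-mapped */
    if (!paletted) return TGA_OK;   /* no palette lookups happen; nothing to check */
    if (cmap_type != 1) return TGA_ERR_NOT_PALETTED;
    if (cmap_bits != 15 && cmap_bits != 16 && cmap_bits != 24 && cmap_bits != 32)
        return TGA_ERR_ENTRY_SIZE;
    if (cmap_len == 0) return TGA_ERR_EMPTY_MAP;
    if (pixel_depth != 8 && pixel_depth != 16) return TGA_ERR_INDEX_RANGE;
    uint32_t max_index = 1u << pixel_depth;          /* 256 or 65536 */
    if (cmap_first + cmap_len > max_index) return TGA_ERR_INDEX_RANGE;
    uint32_t entry_bytes = (cmap_bits + 7u) / 8u;
    uint64_t need = 18u + id_length + (uint64_t)cmap_len * entry_bytes;
    if (need > len) return TGA_ERR_TRUNCATED;
    return TGA_OK;
}

/* Constructed sample (not a real file): 2x2 image, 8-bit indices, 4-entry 24-bit palette. */
static const uint8_t sample_valid[] = {
    0, 1, 1,              /* id_length, color_map_type = 1, image_type = 1 (colour-mapped) */
    0x00, 0x00,           /* color_map_first_entry = 0 */
    0x04, 0x00,           /* color_map_length = 4 */
    24,                   /* color_map_entry_size = 24 bits */
    0, 0, 0, 0,           /* x_origin, y_origin */
    2, 0, 2, 0,           /* width = 2, height = 2 */
    8, 0,                 /* pixel_depth = 8 (index width), image_descriptor */
    0xFF, 0x00, 0x00,  0x00, 0xFF, 0x00,  0x00, 0x00, 0xFF,  0xFF, 0xFF, 0xFF, /* 4 BGR entries */
    0, 1, 2, 3            /* pixel indices */
};

/* Copy the sample, override the two colour-map fields, and check only the
   first `avail` bytes (to model a file truncated before its palette ends). */
int check_variant(uint16_t cmap_first, uint16_t cmap_len, size_t avail)
{
    uint8_t buf[sizeof sample_valid];
    memcpy(buf, sample_valid, sizeof buf);
    buf[3] = (uint8_t)(cmap_first & 0xFF); buf[4] = (uint8_t)(cmap_first >> 8);
    buf[5] = (uint8_t)(cmap_len & 0xFF);   buf[6] = (uint8_t)(cmap_len >> 8);
    if (avail > sizeof buf) avail = sizeof buf;
    return tga_palette_check(buf, avail);
}

int main(void)
{
    printf("valid sample:                %d\n", tga_palette_check(sample_valid, sizeof sample_valid));
    printf("256 entries, 34-byte file:   %d\n", check_variant(0, 256, 34));
    printf("first entry 65535, 4 entries: %d\n", check_variant(0xFFFF, 4, 34));
    printf("palette declared, file cut:  %d\n", check_variant(0, 4, 20));
    return 0;
}
```

Run it over files at the ingestion boundary (an upload handler or a render-queue pre-check) and quarantine anything that does not return TGA_OK. The check is intentionally stricter than the TGA format itself, so it may reject unusual but legal files; the trade-off is that a file which passes cannot declare a palette that is larger than the bytes it carries or indexed beyond the width of its pixel data.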


Tags: #openimageio #cve-2026-43996 #oob-read #tga-decoder #integer-overflow #vfx-tooling
