CVE-2017-6314

Опубликовано: 10 мар. 2017

Источник: debian

Описание

The make_available_at_least function in io-tiff.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service (infinite loop) via a large TIFF file.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
gdk-pixbuf	fixed	2.36.11-2		package
gdk-pixbuf	fixed	2.36.5-2+deb9u2	stretch	package
gdk-pixbuf	no-dsa		wheezy	package

Примечания

https://bugzilla.gnome.org/show_bug.cgi?id=779020
http://mov.sx/2017/02/21/bug-hunting-gdk-pixbuf.html
Fixed by: https://git.gnome.org/browse/gdk-pixbuf/commit/?id=1e513abdb55529f888233d3c96b27352d83aad5f

Связанные уязвимости

CVE-2017-6314

CVSS3: 5.5

ubuntu

почти 9 лет назад

The make_available_at_least function in io-tiff.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service (infinite loop) via a large TIFF file.

CVE-2017-6314

CVSS3: 3.3

redhat

почти 9 лет назад

The make_available_at_least function in io-tiff.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service (infinite loop) via a large TIFF file.

CVE-2017-6314

CVSS3: 5.5

nvd

почти 9 лет назад

The make_available_at_least function in io-tiff.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service (infinite loop) via a large TIFF file.

GHSA-c8q7-3fq2-cvvg

CVSS3: 5.5

github

больше 3 лет назад

The make_available_at_least function in io-tiff.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service (infinite loop) via a large TIFF file.

openSUSE-SU-2017:2393-1

suse-cvrf

больше 8 лет назад

Security update for gdk-pixbuf