Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2018-10111

Опубликовано: 16 апр. 2018
Источник: debian

Описание

An issue was discovered in GEGL through 0.3.32. The render_rectangle function in process/gegl-processor.c has unbounded memory allocation, leading to a denial of service (application crash) upon allocation failure.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
geglunfixedpackage

Примечания

  • https://bugzilla.gnome.org/show_bug.cgi?id=795249

  • https://gitlab.gnome.org/GNOME/gegl/issues/65

  • POC https://github.com/xiaoqx/pocs/tree/master/gegl#2-gegl-dos-1

  • Architectual API limitation, negligible security impact

Связанные уязвимости

ubuntu логотип

CVE-2018-10111

CVSS3: 7.5
ubuntu
почти 8 лет назад

An issue was discovered in GEGL through 0.3.32. The render_rectangle function in process/gegl-processor.c has unbounded memory allocation, leading to a denial of service (application crash) upon allocation failure.

redhat логотип

CVE-2018-10111

CVSS3: 3.3
redhat
почти 8 лет назад

An issue was discovered in GEGL through 0.3.32. The render_rectangle function in process/gegl-processor.c has unbounded memory allocation, leading to a denial of service (application crash) upon allocation failure.

nvd логотип

CVE-2018-10111

CVSS3: 7.5
nvd
почти 8 лет назад

An issue was discovered in GEGL through 0.3.32. The render_rectangle function in process/gegl-processor.c has unbounded memory allocation, leading to a denial of service (application crash) upon allocation failure.

github логотип

GHSA-hgwq-xhxh-fqj5

CVSS3: 7.5
github
больше 3 лет назад

An issue was discovered in GEGL through 0.3.32. The render_rectangle function in process/gegl-processor.c has unbounded memory allocation, leading to a denial of service (application crash) upon allocation failure.