Описание
There is a heap-based buffer over-read at writer.c (function: write_png_to_file) in libsixel 1.8.2 that will cause a denial of service.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| libsixel | fixed | 1.8.2-2 | package | |
| libsixel | fixed | 1.8.2-1+deb10u1 | buster | package |
| libsixel | fixed | 1.5.2-2+deb9u1 | stretch | package |
| libsixel | not-affected | jessie | package |
Примечания
https://github.com/saitoha/libsixel/issues/82
https://bugzilla.redhat.com/show_bug.cgi?id=1649201 (reproducer)
Связанные уязвимости
CVSS3: 5.5
ubuntu
около 7 лет назад
There is a heap-based buffer over-read at writer.c (function: write_png_to_file) in libsixel 1.8.2 that will cause a denial of service.
CVSS3: 5.5
nvd
около 7 лет назад
There is a heap-based buffer over-read at writer.c (function: write_png_to_file) in libsixel 1.8.2 that will cause a denial of service.
CVSS3: 5.5
github
больше 3 лет назад
There is a heap-based buffer over-read at writer.c (function: write_png_to_file) in libsixel 1.8.2 that will cause a denial of service.