Описание
KDE KImageFormats 5.70.0 through 5.81.0 has a stack-based buffer overflow in XCFImageFormat::loadTileRLE.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| kimageformats | fixed | 5.83.0-1 | experimental | package |
| kimageformats | fixed | 5.78.0-5 | package | |
| kimageformats | no-dsa | buster | package | |
| kimageformats | no-dsa | stretch | package |
Примечания
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=33742
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/kimageformats/OSV-2021-695.yaml
https://invent.kde.org/frameworks/kimageformats/commit/297ed9a2fe339bfe36916b9fce628c3242e5be0f
EPSS
Процентиль: 59%
0.0038
Низкий
Связанные уязвимости
CVSS3: 5.5
ubuntu
больше 4 лет назад
KDE KImageFormats 5.70.0 through 5.81.0 has a stack-based buffer overflow in XCFImageFormat::loadTileRLE.
CVSS3: 5.5
nvd
больше 4 лет назад
KDE KImageFormats 5.70.0 through 5.81.0 has a stack-based buffer overflow in XCFImageFormat::loadTileRLE.
github
больше 3 лет назад
KDE KImageFormats 5.70.0 through 5.81.0 has a stack-based buffer overflow in XCFImageFormat::loadTileRLE.
EPSS
Процентиль: 59%
0.0038
Низкий