Описание
GNOME gdk-pixbuf 2.42.6 is vulnerable to a heap-buffer overflow vulnerability when decoding the lzw compressed stream of image data in GIF files with lzw minimum code size equals to 12.
A flaw was found in gdk-pixbuf. The vulnerability occurs due to the index overwriting in the lzw_decoder_new function, leading to a heap buffer overflow. This flaw allows an attacker to input a specially crafted GIF file, leading to a crash or code execution.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | gdk-pixbuf2 | Not affected | ||
| Red Hat Enterprise Linux 7 | gdk-pixbuf2 | Not affected | ||
| Red Hat Enterprise Linux 8 | gdk-pixbuf2 | Not affected | ||
| Red Hat Enterprise Linux 9 | gdk-pixbuf2 | Fixed | RHSA-2023:2216 | 09.05.2023 |
Показывать по
Дополнительная информация
Статус:
EPSS
7.3 High
CVSS3
Связанные уязвимости
GNOME gdk-pixbuf 2.42.6 is vulnerable to a heap-buffer overflow vulnerability when decoding the lzw compressed stream of image data in GIF files with lzw minimum code size equals to 12.
GNOME gdk-pixbuf 2.42.6 is vulnerable to a heap-buffer overflow vulnerability when decoding the lzw compressed stream of image data in GIF files with lzw minimum code size equals to 12.
GNOME gdk-pixbuf 2.42.6 is vulnerable to a heap-buffer overflow vulner ...
EPSS
7.3 High
CVSS3