Описание
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. From version 1.6.0 to before 1.6.51, an out-of-bounds read vulnerability exists in png_image_read_composite when processing palette images with PNG_FLAG_OPTIMIZE_ALPHA enabled. The palette compositing code in png_init_read_transformations incorrectly applies background compositing during premultiplication, violating the invariant component ≤ alpha × 257 required by the simplified PNG API. This issue has been patched in version 1.6.51.
A buffer overflow flaw has been discovered in libpng. An out-of-bounds read vulnerability exists in png_image_read_composite when processing palette images with PNG_FLAG_OPTIMIZE_ALPHA enabled. The palette compositing code in png_init_read_transformations incorrectly applies background compositing during premultiplication, violating the invariant component ≤ alpha × 257 required by the simplified PNG API.
Отчет
This vulnerability is rated Important for Red Hat products. An out-of-bounds read in libpng can occur when processing specially crafted palette images with PNG_FLAG_OPTIMIZE_ALPHA enabled. Successful exploitation requires a user to process a malicious PNG file, leading to potential application crash or information disclosure.
java-*-openjdk-headless packages do not contain libsplashscreen.so, hence are not affected.
Меры по смягчению последствий
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat build of OpenJDK 11 ELS | java-21-openjdk-portable | Affected | ||
| Red Hat build of OpenJDK 17 | java-21-openjdk-portable | Affected | ||
| Red Hat build of OpenJDK 21 | java-21-openjdk-portable-rhel7 | Affected | ||
| Red Hat Enterprise Linux 10 | firefox | Not affected | ||
| Red Hat Enterprise Linux 10 | thunderbird | Not affected | ||
| Red Hat Enterprise Linux 6 | libpng | Will not fix | ||
| Red Hat Enterprise Linux 7 | firefox | Not affected | ||
| Red Hat Enterprise Linux 7 | java-11-openjdk | Affected | ||
| Red Hat Enterprise Linux 7 | libpng12 | Not affected | ||
| Red Hat Enterprise Linux 8 | firefox | Not affected |
Показывать по
Ссылки на источники
Дополнительная информация
Статус:
EPSS
7.1 High
CVSS3
Связанные уязвимости
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. From version 1.6.0 to before 1.6.51, an out-of-bounds read vulnerability exists in png_image_read_composite when processing palette images with PNG_FLAG_OPTIMIZE_ALPHA enabled. The palette compositing code in png_init_read_transformations incorrectly applies background compositing during premultiplication, violating the invariant component ≤ alpha × 257 required by the simplified PNG API. This issue has been patched in version 1.6.51.
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. From version 1.6.0 to before 1.6.51, an out-of-bounds read vulnerability exists in png_image_read_composite when processing palette images with PNG_FLAG_OPTIMIZE_ALPHA enabled. The palette compositing code in png_init_read_transformations incorrectly applies background compositing during premultiplication, violating the invariant component ≤ alpha × 257 required by the simplified PNG API. This issue has been patched in version 1.6.51.
LIBPNG is vulnerable to a buffer overflow in `png_image_read_composite` via incorrect palette premultiplication
LIBPNG is a reference library for use in applications that read, creat ...
EPSS
7.1 High
CVSS3