Описание
GNOME GdkPixbuf (aka GDK-PixBuf) before 2.42.8 allows a heap-based buffer overflow when compositing or clearing frames in GIF files, as demonstrated by io-gif-animation.c composite_frame. This overflow is controllable and could be abused for code execution, especially on 32-bit systems.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | not-affected | code not present |
| devel | not-affected | 2.42.8+dfsg-1 |
| esm-infra/bionic | not-affected | code not present |
| esm-infra/focal | released | 2.40.0+dfsg-3ubuntu0.3 |
| esm-infra/xenial | not-affected | code not present |
| focal | released | 2.40.0+dfsg-3ubuntu0.3 |
| jammy | not-affected | 2.42.8+dfsg-1 |
| kinetic | not-affected | 2.42.8+dfsg-1 |
| trusty | not-affected | code not present |
| upstream | not-affected | 2.42.8+dfsg-1 |
Показывать по
Ссылки на источники
7.8 High
CVSS3
Связанные уязвимости
GNOME GdkPixbuf (aka GDK-PixBuf) before 2.42.8 allows a heap-based buffer overflow when compositing or clearing frames in GIF files, as demonstrated by io-gif-animation.c composite_frame. This overflow is controllable and could be abused for code execution, especially on 32-bit systems.
GNOME GdkPixbuf (aka GDK-PixBuf) before 2.42.8 allows a heap-based buffer overflow when compositing or clearing frames in GIF files, as demonstrated by io-gif-animation.c composite_frame. This overflow is controllable and could be abused for code execution, especially on 32-bit systems.
GNOME GdkPixbuf (aka GDK-PixBuf) before 2.42.8 allows a heap-based buf ...
7.8 High
CVSS3