Описание
A flaw exists in gdk‑pixbuf within the gdk_pixbuf__jpeg_image_load_increment function (io-jpeg.c) and in glib’s g_base64_encode_step (glib/gbase64.c). When processing maliciously crafted JPEG images, a heap buffer overflow can occur during Base64 encoding, allowing out-of-bounds reads from heap memory, potentially causing application crashes or arbitrary code execution.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 2.42.12+dfsg-4build1 |
| esm-infra/bionic | released | 2.36.11-2ubuntu0.1~esm2 |
| esm-infra/focal | released | 2.40.0+dfsg-3ubuntu0.5+esm1 |
| esm-infra/xenial | released | 2.32.2-1ubuntu1.6+esm2 |
| jammy | released | 2.42.8+dfsg-1ubuntu0.4 |
| noble | released | 2.42.10+dfsg-3ubuntu3.2 |
| oracular | ignored | end of life, was needs-triage |
| plucky | released | 2.42.12+dfsg-2ubuntu0.1 |
| upstream | released | 2.42.12+dfsg-4 |
Показывать по
EPSS
7.5 High
CVSS3
Связанные уязвимости
A flaw exists in gdk‑pixbuf within the gdk_pixbuf__jpeg_image_load_increment function (io-jpeg.c) and in glib’s g_base64_encode_step (glib/gbase64.c). When processing maliciously crafted JPEG images, a heap buffer overflow can occur during Base64 encoding, allowing out-of-bounds reads from heap memory, potentially causing application crashes or arbitrary code execution.
A flaw exists in gdk‑pixbuf within the gdk_pixbuf__jpeg_image_load_increment function (io-jpeg.c) and in glib’s g_base64_encode_step (glib/gbase64.c). When processing maliciously crafted JPEG images, a heap buffer overflow can occur during Base64 encoding, allowing out-of-bounds reads from heap memory, potentially causing application crashes or arbitrary code execution.
A flaw exists in gdk\u2011pixbuf within the gdk_pixbuf__jpeg_image_loa ...
EPSS
7.5 High
CVSS3