Debian 9 LTS: DLA-2672-1 Critical Libwebp Security Issues
debian lts
June 5, 2021
Multiple security issues have been discovered in libwebp CVE-2018-25009
Topics Covered
Summary
CVE-2018-25009
An out-of-bounds read was found in function WebPMuxCreateInternal.
The highest threat from this vulnerability is to data confidentiality
and to the service availability.
CVE-2018-25010
An out-of-bounds read was found in function ApplyFilter.
The highest threat from this vulnerability is to data confidentiality
and to the service availability.
CVE-2018-25011
A heap-based buffer overflow was found in PutLE16().
The highest threat from this vulnerability is to data confidentiality
and integrity as well as system availability.
CVE-2018-25012
An out-of-bounds read was found in function WebPMuxCreateInternal.
The highest threat from this vulnerability is to data confidentiality
and to the service availability.
CVE-2018-25013
An out-of-bounds read was found in function ShiftBytes.
The highest threat from this vulnerability is to data confidentiality
and to the service availability.
CVE-2018-25014
PREVIOUS 
NEXT Severity
critical
Lowest
Low
Medium
High
Critical
Package: libwebp
Version: 0.5.2-1+deb9u1
CVE ID: CVE-2018-25009 CVE-2018-25010 CVE-2018-25011 CVE-2018-25012
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!