Alerts This Week
Warning Icon 1 677
Alerts This Week
Warning Icon 1 677

Fedora 42 libcgif Critical Integer Overflow Advisory CVE-2026-4985

fedora
Calendar Grey April 10, 2026
Dist Fedora Esm H88
Critical advisory for Fedora 42 libcgif addressing integer overflow issue. Ensure timely updates for system security.
Version 0.5.3 Fix potential undefined behavior in cgif_addframe which could have led to an integer overflow CVE-2026-4985

Summary

A fast and lightweight GIF encoder that can create GIF animations and images.

Summary of the main features:

- user-defined global or local color-palette with up to 256 colors

(limit of the GIF format)

- size-optimizations for GIF animations:

- option to set a pixel to transparent if it has identical color in the

previous frame (transparency optimization)

- do encoding just for the rectangular area that differs from the previous

frame (width/height optimization)

- fast: a GIF with 256 colors and 1024x1024 pixels can be created in below

50 ms even on a minimalistic system

- MIT license (permissive)

- different options for GIF animations: static image, N repetitions, infinite

repetitions

- additional source-code for verifying the encoder after making changes

- user-defined delay time from one frame to the next (can be set independently

for each frame)

- source-code conforms to the C99 standard

Update Information:

Version 0.5.3 Fix potential undefined behavior in cgif_addframe which could have led to an integer overflow CVE-2026-4985

Topics%20covered

Topics Covered

security advisory denial of service fedora critical integer overflow libcgif

Change Log

* Wed Apr 1 2026 Remi Collet - 0.5.3-1 - update to 0.5.3 * Tue Mar 31 2026 Remi Collet - 0.5.2-2 - fix potential undefined behavior in cgif_addframe CVE-2026-4985

References


[ 1 ] Bug #2452785 - CVE-2026-4985 libcgif: dloebl CGIF: Denial of Service via integer overflow in GIF image handling [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2452785

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-7716e480cb' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: libcgif
Product: Fedora 42
Version: 0.5.3
Release: 1.fc42
URL: https://github.com/dloebl/cgif
Summary: A fast and lightweight GIF encoder

Topics%20covered

Topics Covered

security advisory denial of service fedora critical integer overflow libcgif

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here