Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 443
Alerts This Week
Warning Icon 1 443

Mageia 8: MGASA-2022-0402 Critical: Gdk-Pixbuf Heap Overflow

mageia
Calendar Grey November 1, 2022
Dist Mageia Esm H88
Recent updates to gdk-pixbuf2.0 packages address a significant heap overflow vulnerability in Mageia. Discover further details regarding the security risk.
GNOME gdk-pixbuf 2.42.6 is vulnerable to a heap-buffer overflow vulnerability when decoding the lzw compressed stream of image data in GIF files with lzw minimum code size equals t...

Summary

GNOME gdk-pixbuf 2.42.6 is vulnerable to a heap-buffer overflow vulnerability when decoding the lzw compressed stream of image data in GIF files with lzw minimum code size equals to 12. (CVE-2021-44648)

References

- https://bugs.mageia.org/show_bug.cgi?id=30045

- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/PEKBMOO52RXONWKB6ZKKHTVPLF6WC3KF/

-

- https://lists.debian.org/debian-security-announce/2022/msg00197.html

- https://ubuntu.com/security/notices/USN-5607-1

- https://www.cve.org/CVERecord?id=CVE-2021-44648

Resolution

SRPMS

- 8/core/gdk-pixbuf2.0-2.42.2-1.2.mga8

Severity
critical
Lowest
Low
Medium
High
Critical

Publication date: 01 Nov 2022
URL: https://advisories.mageia.org/MGASA-2022-0402.html
Type: security
CVE: CVE-2021-44648

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.