Alerts This Week
Warning Icon 1 758
Alerts This Week
Warning Icon 1 758

Ubuntu 16.04: USN-3912-1 Critical Vulnerability in GDK-PixBuf DoS Risk

ubuntu
Calendar Grey March 20, 2019
Dist Ubuntu Esm H88
A vulnerability in GDK-PixBuf may result in a system crash or unauthorized code execution when processing specially crafted BMP files on Ubuntu 16.04.
GDK-PixBuf could be made to crash or run programs as your login if it opened a specially crafted file.

Summary

GDK-PixBuf could be made to crash or run programs as your login if it

opened a specially crafted file.

Software Description:

- gdk-pixbuf: GDK Pixbuf library

Details:

It was discovered that the GDK-PixBuf library did not properly handle

certain BMP images. If an user or automated system were tricked into

opening a specially crafted BMP file, a remote attacker could use this flaw

to cause GDK-PixBuf to crash, resulting in a denial of service, or possibly

execute arbitrary code.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 LTS:
  libgdk-pixbuf2.0-0              2.32.2-1ubuntu1.6

After a standard system update you need to restart your session to make
all the necessary changes.

References

https://ubuntu.com/security/notices/USN-3912-1

CVE-2017-12447

Severity
critical
Lowest
Low
Medium
High
Critical

March 20, 2019

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here