Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 543
Alerts This Week
Warning Icon 1 543

Ubuntu 20.10 & 20.04 LTS: USN-4663-1 Critical: GDK-PixBuf Denial of Service

ubuntu
Calendar Grey December 8, 2020
Dist Ubuntu Esm H88
A vulnerability in GDK-PixBuf on Ubuntu enables denial of service through a crafted GIF file. Ensure you update your systems to mitigate possible attacks.
GDK-PixBuf could be made to hang if it opened a specially crafted file.

Summary

GDK-PixBuf could be made to hang if it opened a specially crafted file.

Software Description:

- gdk-pixbuf: GDK Pixbuf library

Details:

Melvin Kool discovered that the GDK-PixBuf library did not properly handle

certain GIF images. If an user or automated system were tricked into

opening a specially crafted GIF file, a remote attacker could use this flaw

to cause GDK-PixBuf to hang, resulting in a denial of service.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 20.10:
  libgdk-pixbuf2.0-0              2.40.0+dfsg-5ubuntu0.1

Ubuntu 20.04 LTS:
  libgdk-pixbuf2.0-0              2.40.0+dfsg-3ubuntu0.1

After a standard system update you need to restart your session to make all
the necessary changes.

References

https://ubuntu.com/security/notices/USN-4663-1

CVE-2020-29385

Severity
critical
Lowest
Low
Medium
High
Critical

December 08, 2020

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.