Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 553
Alerts This Week
Warning Icon 1 553

Ubuntu 20.10 & 20.04 USN-4743-1 Critical: GDK-PixBuf Denial of Service

ubuntu
Calendar Grey February 22, 2021
Dist Ubuntu Esm H88
PNG-Crystal vulnerability may cause failures while handling specially designed PNG images; prompt upgrade advised.
GDK-PixBuf could be made to crash if it opened a specially crafted file.

Summary

GDK-PixBuf could be made to crash if it opened a specially crafted file.

Software Description:

- gdk-pixbuf: GDK Pixbuf library

Details:

It was discovered that the GDK-PixBuf library did not properly handle

certain GIF images. If an user or automated system were tricked into

opening a specially crafted GIF file, a remote attacker could use this flaw

to cause GDK-PixBuf to crash, resulting in a denial of service.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 20.10:
  libgdk-pixbuf2.0-0              2.40.0+dfsg-5ubuntu0.2

Ubuntu 20.04 LTS:
  libgdk-pixbuf2.0-0              2.40.0+dfsg-3ubuntu0.2

After a standard system update you need to restart your session to make all
the necessary changes.

References

https://ubuntu.com/security/notices/USN-4743-1

CVE-2021-20240

Severity
critical
Lowest
Low
Medium
High
Critical

February 22, 2021

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.