Ubuntu 5432-1: libpng vulnerabilities | LinuxSecurity.com

What Are You Looking For?

Popular Tags

Contribute
==========================================================================
Ubuntu Security Notice USN-5432-1
May 23, 2022

libpng vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 16.04 ESM

Summary:

Several security issues were fixed in libpng.

Software Description:
- libpng: PNG (Portable Network Graphics) file library

Details:

It was discovered that libpng incorrectly handled memory when parsing
certain PNG files. If a user or automated system were tricked into opening
a specially crafted PNG file, an attacker could use this issue to cause
libpng to crash, resulting in a denial of service, or possible execute
arbitrary code. (CVE-2017-12652)

Zhengxiong Luo discovered that libpng incorrectly handled memory when parsing
certain PNG files. If a user or automated system were tricked into opening
a specially crafted PNG file, an attacker could use this issue to cause
libpng to crash, resulting in a denial of service, or possible execute
arbitrary code. (CVE-2018-14048)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 ESM:
  libpng12-0                      1.2.54-1ubuntu1.1+esm1
  libpng12-dev                    1.2.54-1ubuntu1.1+esm1
  libpng3                         1.2.54-1ubuntu1.1+esm1

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-5432-1
  CVE-2017-12652, CVE-2018-14048

Ubuntu 5432-1: libpng vulnerabilities

May 23, 2022
Several security issues were fixed in libpng.

Summary

A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 16.04 ESM Summary: Several security issues were fixed in libpng. Software Description: - libpng: PNG (Portable Network Graphics) file library Details: It was discovered that libpng incorrectly handled memory when parsing certain PNG files. If a user or automated system were tricked into opening a specially crafted PNG file, an attacker could use this issue to cause libpng to crash, resulting in a denial of service, or possible execute arbitrary code. (CVE-2017-12652) Zhengxiong Luo discovered that libpng incorrectly handled memory when parsing certain PNG files. If a user or automated system were tricked into opening a specially crafted PNG file, an attacker could use this issue to cause libpng to crash, resulting in a denial of service, or possible execute arbitrary code. (CVE-2018-14048)

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 16.04 ESM: libpng12-0 1.2.54-1ubuntu1.1+esm1 libpng12-dev 1.2.54-1ubuntu1.1+esm1 libpng3 1.2.54-1ubuntu1.1+esm1 In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-5432-1

CVE-2017-12652, CVE-2018-14048

Severity
Ubuntu Security Notice USN-5432-1

Package Information

Related News

Kali Linux 2023.1 Introduces 'Purple' Distro for Defensive Security

Companies Can’t Stop Using Open Source

8 Reasons Why Kali Linux is the Ultimate Operating System for Hackers

Microsoft Opens Azure Confidential Containers to Public Preview

News

Advisories

HOWTOs

Features

ManageEngine Vulnerability Manager Plus: How To Protect Your Enterprise from Security Vulnerabilities
High-Impact DoS, Arbitrary Code Execution, Spoofing Bugs Fixed in Thunderbird 102.9.0
A Guide to Business Cybersecurity: Common Digital Attacks and Precautions
New Linux IceFire Ransomware Variant Discovered: What You Need to Know to Secure Your Systems
ZeroLock: How to Defend Against Ransomware on Linux

About Us

Powered By

Footer Logo

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy. 

Learn More About Our Cookie Policy