Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 438
Alerts This Week
Warning Icon 1 438

Ubuntu 20.04 LTS USN-5554-1 Critical: GDK-PixBuf Crash Threat

ubuntu
Calendar Grey August 8, 2022
Dist Ubuntu Esm H88
A security flaw in GDK-PixBuf enables crashing or unauthorized program execution through specially crafted PNG files in Ubuntu 22.04 LTS.
GDK-PixBuf could be made to crash or run programs as your login if it opened a specially crafted file.

Summary

GDK-PixBuf could be made to crash or run programs as your login if it

opened a specially crafted file.

Software Description:

- gdk-pixbuf: GDK Pixbuf library

Details:

Pedro Ribeiro discovered that the GDK-PixBuf library did not properly

handle certain GIF images. If an user or automated system were tricked into

opening a specially crafted GIF file, a remote attacker could use this flaw

to cause GDK-PixBuf to crash, resulting in a denial of service, or possibly

execute arbitrary code.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 20.04 LTS:
  libgdk-pixbuf2.0-0              2.40.0+dfsg-3ubuntu0.3

After a standard system update you need to restart your session to make all
the necessary changes.

References

CVE-2021-46829

Severity
critical
Lowest
Low
Medium
High
Critical

August 08, 2022

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.