Ubuntu 22.04 LTS: 7437-1 critical: cimg buffer overflow and DoS

April 15, 2025
Multiple vulnerabilities addressed in CImg library for Ubuntu, resolving buffer overflow and denial-of-service concerns.

Summary

Several security issues were fixed in CImg.

Software Description:

- cimg: powerful image processing library

Details:

It was discovered that the CImg library did not properly check the size
of images before loading them. An attacker could possibly use this issue
to cause a denial of service. This issue only affected Ubuntu 22.04 LTS.
(CVE-2022-1325)

It was discovered that the CImg library did not correctly handle certain
memory operations, which could lead to a buffer overflow. An attacker
could possibly use this issue to execute arbitrary code or cause a denial
of service. (CVE-2024-26540)

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 24.10
   cimg-dev                        3.2.1+dfsg-1ubuntu0.24.10.1

Ubuntu 24.04 LTS
   cimg-dev                        3.2.1+dfsg-1ubuntu0.24.04.1~esm1
                                   Available with Ubuntu Pro

Ubuntu 22.04 LTS
   cimg-dev                        2.9.4+dfsg-3ubuntu0.1~esm1
                                   Available with Ubuntu Pro

Ubuntu 18.04 LTS
   cimg-dev                        1.7.9+dfsg-2ubuntu0.18.04.2+esm1
                                   Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References

  https://ubuntu.com/security/notices/USN-7437-1

  CVE-2022-1325, CVE-2024-26540

Severity
critical

Ubuntu Security Notice USN-7437-1
