
Stay Secure with the Latest Linux Advisories


Explore Latest Linux Security advisories


Mageia: MGASA-2019-0363 Moderate: SDL_Image Code Execution Issues

MGASA-2019-0363 - Updated SDL_image packages fix security vulnerabilities

Publication date: 06 Dec 2019
URL: https://advisories.mageia.org/MGASA-2019-0363.html
Type: security
Affected Mageia releases: 7
CVE: CVE-2018-3977, CVE-2019-5052, CVE-2019-5058, CVE-2019-5059, CVE-2019-5060, CVE-2019-7635, CVE-2019-12217, CVE-2019-12218, CVE-2019-12219, CVE-2019-12220, CVE-2019-12221, CVE-2019-12222, CVE-2019-13616

The updated packages fix security vulnerabilities:

An exploitable code execution vulnerability exists in the XCF image rendering functionality of SDL2_image-2.0.3. A specially crafted XCF image can cause a heap overflow, resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability. (CVE-2018-3977)

An exploitable integer overflow vulnerability exists when loading a PCX file in SDL2_image 2.0.4. A specially crafted file can cause an integer overflow, resulting in too little memory being allocated, which can lead to a buffer overflow and potential code execution. (CVE-2019-5052)

An exploitable code execution vulnerability exists in the XCF image rendering functionality of SDL2_image 2.0.4. A specially crafted XCF image can cause a heap overflow, resulting in code execution. (CVE-2019-5058)

An exploitable code execution vulnerability exists in the XPM image rendering functionality of SDL2_image 2.0.4. A specially crafted XPM image can cause an integer overflow, allocating too small of a buffer. This buffer can then be written out of bounds resulting in a heap overflow, ultimately ending in code execution. (CVE-2019-5059)

An exploitable code execution vulnerability exists in the XPM image rendering function of SDL2_image 2.0.4. A specially crafted XPM image can cause an integer overflow in the colorhash function, allocating too small of a buffer. This buffer can then be written out of bounds, resulting in a heap overflow, ultimately ending in code execution. (CVE-2019-5060)

SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in Blit1to4 in video/SDL_blit_1.c. (CVE-2019-7635)

An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is a NULL pointer dereference in the SDL stdio_read function in file/SDL_rwops.c. (CVE-2019-12217)

An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is a NULL pointer dereference in the SDL2_image function IMG_LoadPCX_RW at IMG_pcx.c. (CVE-2019-12218)

An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is an invalid free error in the SDL function SDL_SetError_REAL at SDL_error.c. (CVE-2019-12219)

An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is an out-of-bounds read in the SDL function SDL_FreePalette_REAL at video/SDL_pixels.c. (CVE-2019-12220)

An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is a SEGV in the SDL function SDL_free_REAL at stdlib/SDL_malloc.c. (CVE-2019-12221)

An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9. There is an out-of-bounds read in the function SDL_InvalidateMap at video/SDL_pixels.c. (CVE-2019-12222)

SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in BlitNtoN in video/SDL_blit_N.c when called from SDL_SoftBlit in video/SDL_blit.c. (CVE-2019-13616)

References:
- https://bugs.mageia.org/show_bug.cgi?id=25766
- https://www.cve.org/CVERecord?id=CVE-2018-3977
- https://www.cve.org/CVERecord?id=CVE-2019-5052
- https://www.cve.org/CVERecord?id=CVE-2019-5058
- https://www.cve.org/CVERecord?id=CVE-2019-5059
- https://www.cve.org/CVERecord?id=CVE-2019-5060
- https://www.cve.org/CVERecord?id=CVE-2019-7635
- https://www.cve.org/CVERecord?id=CVE-2019-12217
- https://www.cve.org/CVERecord?id=CVE-2019-12218
- https://www.cve.org/CVERecord?id=CVE-2019-12219
- https://www.cve.org/CVERecord?id=CVE-2019-12220
- https://www.cve.org/CVERecord?id=CVE-2019-12221
- https://www.cve.org/CVERecord?id=CVE-2019-12222
- https://www.cve.org/CVERecord?id=CVE-2019-13616

SRPMS:
- 7/core/SDL_image-1.2.12-12.1.mga7

LinuxSecurity.com Team

Dec 06, 2019 | Important | Mageia

openSUSE Leap 15: 2019:2070-1 Moderate: SDL2_image Buffer Overflows

openSUSE Security Update: Security update for SDL2_image

Announcement ID: openSUSE-SU-2019:2070-1
Rating: moderate
References: #1135787 #1135789 #1135796 #1135806 #1136101 #1140419 #1140421 #1141844 #1143763 #1143764 #1143766 #1143768
Cross-References: CVE-2019-12217 CVE-2019-12218 CVE-2019-12220 CVE-2019-12221 CVE-2019-12222 CVE-2019-13616 CVE-2019-5051 CVE-2019-5052 CVE-2019-5057 CVE-2019-5058 CVE-2019-5059 CVE-2019-5060
Affected Products:
    openSUSE Leap 15.1
    openSUSE Leap 15.0

An update that fixes 12 vulnerabilities is now available.

Description:

This update for SDL2_image fixes the following issues:

Update to new upstream release 2.0.5.

Security issues fixed:

* TALOS-2019-0820 CVE-2019-5051: exploitable heap-based buffer overflow vulnerability when loading a PCX file (boo#1140419)
* TALOS-2019-0821 CVE-2019-5052: exploitable integer overflow vulnerability when loading a PCX file (boo#1140421)
* TALOS-2019-0841 CVE-2019-5057: code execution vulnerability in the PCX image-rendering functionality of SDL2_image (boo#1143763)
* TALOS-2019-0842 CVE-2019-5058: heap overflow in XCF image rendering can lead to code execution (boo#1143764)
* TALOS-2019-0843 CVE-2019-5059: heap overflow in XPM image (boo#1143766)
* TALOS-2019-0844 CVE-2019-5060: integer overflow in the XPM image (boo#1143768)

Not mentioned by upstream, but issues seemingly further fixed:

* CVE-2019-12218: NULL pointer dereference in the SDL2_image function IMG_LoadPCX_RW (boo#1135789)
* CVE-2019-12217: NULL pointer dereference in the SDL stdio_read function (boo#1135787)
* CVE-2019-12220: SDL_image triggers an out-of-bounds read in the SDL function SDL_FreePalette_REAL (boo#1135806)
* CVE-2019-12221: a SEGV caused by SDL_image in SDL function SDL_free_REAL in stdlib/SDL_malloc.c (boo#1135796)
* CVE-2019-12222: out-of-bounds read triggered by SDL_image in the function SDL_InvalidateMap at video/SDL_pixels.c (boo#1136101)
* CVE-2019-13616: fix heap buffer overflow when reading a crafted bmp file (boo#1141844).

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.1:

    zypper in -t patch openSUSE-2019-2070=1

- openSUSE Leap 15.0:

    zypper in -t patch openSUSE-2019-2070=1

Package List:

- openSUSE Leap 15.1 (i586 x86_64):

    SDL2_image-debugsource-2.0.5-lp151.2.5.1
    libSDL2_image-2_0-0-2.0.5-lp151.2.5.1
    libSDL2_image-2_0-0-debuginfo-2.0.5-lp151.2.5.1
    libSDL2_image-devel-2.0.5-lp151.2.5.1

- openSUSE Leap 15.1 (x86_64):

    libSDL2_image-2_0-0-32bit-2.0.5-lp151.2.5.1
    libSDL2_image-2_0-0-32bit-debuginfo-2.0.5-lp151.2.5.1
    libSDL2_image-devel-32bit-2.0.5-lp151.2.5.1

- openSUSE Leap 15.0 (i586 x86_64):

    SDL2_image-debugsource-2.0.5-lp150.9.1
    libSDL2_image-2_0-0-2.0.5-lp150.9.1
    libSDL2_image-2_0-0-debuginfo-2.0.5-lp150.9.1
    libSDL2_image-devel-2.0.5-lp150.9.1

- openSUSE Leap 15.0 (x86_64):

    libSDL2_image-2_0-0-32bit-2.0.5-lp150.9.1
    libSDL2_image-2_0-0-32bit-debuginfo-2.0.5-lp150.9.1
    libSDL2_image-devel-32bit-2.0.5-lp150.9.1

References:

    https://www.suse.com/security/cve/CVE-2019-12217.html
    https://www.suse.com/security/cve/CVE-2019-12218.html
    https://www.suse.com/security/cve/CVE-2019-12220.html
    https://www.suse.com/security/cve/CVE-2019-12221.html
    https://www.suse.com/security/cve/CVE-2019-12222.html
    https://www.suse.com/security/cve/CVE-2019-13616.html
    https://www.suse.com/security/cve/CVE-2019-5051.html
    https://www.suse.com/security/cve/CVE-2019-5052.html
    https://www.suse.com/security/cve/CVE-2019-5057.html
    https://www.suse.com/security/cve/CVE-2019-5058.html
    https://www.suse.com/security/cve/CVE-2019-5059.html
    https://www.suse.com/security/cve/CVE-2019-5060.html
    https://bugzilla.suse.com/1135787
    https://bugzilla.suse.com/1135789
    https://bugzilla.suse.com/1135796
    https://bugzilla.suse.com/1135806
    https://bugzilla.suse.com/1136101
    https://bugzilla.suse.com/1140419
    https://bugzilla.suse.com/1140421
    https://bugzilla.suse.com/1141844
    https://bugzilla.suse.com/1143763
    https://bugzilla.suse.com/1143764
    https://bugzilla.suse.com/1143766
    https://bugzilla.suse.com/1143768

LinuxSecurity.com Team

Sep 05, 2019 | OpenSUSE

Mageia 6 MGASA-2018-0454 Moderate: SDL2_image Code Exec Threats

MGASA-2018-0454 - Updated sdl2/mingw-SDL2 packages fix security vulnerabilities

Publication date: 17 Nov 2018
URL: https://advisories.mageia.org/MGASA-2018-0454.html
Type: security
Affected Mageia releases: 6
CVE: CVE-2017-12122, CVE-2017-14440, CVE-2017-14441, CVE-2017-14442, CVE-2017-14448, CVE-2017-14449, CVE-2017-14450, CVE-2018-3837, CVE-2018-3838, CVE-2018-3839, CVE-2018-3977

This update fixes various security vulnerabilities affecting the SDL2_image library, listed below. The fixes are provided in SDL2_image 2.0.4, which depends on SDL2 2.0.8 or later. As such, the SDL2 and SDL2_mixer libraries are also updated to their current stable releases, providing various bug fixes and features.

The security vulnerabilities fixed in this update are the following:

An exploitable code execution vulnerability exists in the ILBM image rendering functionality of SDL2_image-2.0.2. A specially crafted ILBM image can cause a heap overflow resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability. (TALOS-2017-0488, CVE-2017-12122)

An exploitable code execution vulnerability exists in the ILBM image rendering functionality of SDL2_image-2.0.2. A specially crafted ILBM image can cause a stack overflow resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability. (TALOS-2017-0489, CVE-2017-14440)

An exploitable code execution vulnerability exists in the ICO image rendering functionality of SDL2_image-2.0.2. A specially crafted ICO image can cause an integer overflow, cascading to a heap overflow resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability. (TALOS-2017-0490, CVE-2017-14441)

An exploitable code execution vulnerability exists in the BMP image rendering functionality of SDL2_image-2.0.2. A specially crafted BMP image can cause a stack overflow resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability. (TALOS-2017-0491, CVE-2017-14442)

An exploitable code execution vulnerability exists in the XCF image rendering functionality of SDL2_image-2.0.2. A specially crafted XCF image can cause a heap overflow resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability. (TALOS-2017-0497, CVE-2017-14448)

A double-Free vulnerability exists in the XCF image rendering functionality of SDL2_image-2.0.2. A specially crafted XCF image can cause a Double-Free situation to occur. An attacker can display a specially crafted image to trigger this vulnerability. (TALOS-2017-0498, CVE-2017-14449)

A buffer overflow vulnerability exists in the GIF image parsing functionality of SDL2_image-2.0.2. A specially crafted GIF image can lead to a buffer overflow on a global section. An attacker can display an image to trigger this vulnerability. (TALOS-2017-0499, CVE-2017-14450)

An exploitable information disclosure vulnerability exists in the PCX image rendering functionality of SDL2_image-2.0.2. A specially crafted PCX image can cause an out-of-bounds read on the heap, resulting in information disclosure. An attacker can display a specially crafted image to trigger this vulnerability. (TALOS-2018-0519, CVE-2018-3837)

An exploitable information vulnerability exists in the XCF image rendering functionality of SDL2_image-2.0.2. A specially crafted XCF image can cause an out-of-bounds read on the heap, resulting in information disclosure. An attacker can display a specially crafted image to trigger this vulnerability. (TALOS-2018-0520, CVE-2018-3838)

An exploitable code execution vulnerability exists in the XCF image rendering functionality of SDL2_image-2.0.2. A specially crafted XCF image can cause an out-of-bounds write on the heap, resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability. (TALOS-2018-0521, CVE-2018-3839)

An exploitable code execution vulnerability exists in the XCF image rendering functionality of SDL2_image-2.0.3. A specially crafted XCF image can cause a heap overflow, resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability. (TALOS-2018-0645, CVE-2018-3977)

References:
- https://bugs.mageia.org/show_bug.cgi?id=22769
- https://talosintelligence.com/vulnerability_reports/TALOS-2017-0488
- https://talosintelligence.com/vulnerability_reports/TALOS-2017-0489
- https://talosintelligence.com/vulnerability_reports/TALOS-2017-0490
- https://talosintelligence.com/vulnerability_reports/TALOS-2017-0491
- https://talosintelligence.com/vulnerability_reports/TALOS-2017-0497
- https://talosintelligence.com/vulnerability_reports/TALOS-2017-0498
- https://talosintelligence.com/vulnerability_reports/TALOS-2017-0499
- https://talosintelligence.com/vulnerability_reports/TALOS-2018-0519
- https://talosintelligence.com/vulnerability_reports/TALOS-2018-0520
- https://talosintelligence.com/vulnerability_reports/TALOS-2018-0521
- https://talosintelligence.com/vulnerability_reports/TALOS-2018-0645
- https://github.com/libsdl-org/SDL/blob/c49ecf6f7c10b668ebd87b89dfc3c7bfd215cb75/WhatsNew.txt
- https://www.libsdl.org/projects/SDL_image/
- https://www.libsdl.org/projects/SDL_mixer/
- https://www.cve.org/CVERecord?id=CVE-2017-12122
- https://www.cve.org/CVERecord?id=CVE-2017-14440
- https://www.cve.org/CVERecord?id=CVE-2017-14441
- https://www.cve.org/CVERecord?id=CVE-2017-14442
- https://www.cve.org/CVERecord?id=CVE-2017-14448
- https://www.cve.org/CVERecord?id=CVE-2017-14449
- https://www.cve.org/CVERecord?id=CVE-2017-14450
- https://www.cve.org/CVERecord?id=CVE-2018-3837
- https://www.cve.org/CVERecord?id=CVE-2018-3838
- https://www.cve.org/CVERecord?id=CVE-2018-3839
- https://www.cve.org/CVERecord?id=CVE-2018-3977

SRPMS:
- 6/core/sdl2-2.0.9-1.mga6
- 6/core/sdl2_image-2.0.4-1.mga6
- 6/core/sdl2_mixer-2.0.4-1.mga6
- 6/core/mingw-SDL2-2.0.9-1.mga6
- 6/core/mingw-SDL2_image-2.0.4-1.mga6
- 6/core/mingw-SDL2_mixer-2.0.4-1.mga6

LinuxSecurity.com Team

Nov 17, 2018 | Important | Mageia

openSUSE Leap 42.3: 2018:0734-1 Important: SDL2 Image Code Execution

openSUSE Security Update: Security update for SDL2, SDL2_image

Announcement ID: openSUSE-SU-2018:0734-1
Rating: important
References: #1025413 #1084256 #1084257 #1084282 #1084288 #1084297 #1084303 #1084304
Cross-References: CVE-2017-12122 CVE-2017-14440 CVE-2017-14441 CVE-2017-14442 CVE-2017-14448 CVE-2017-14449 CVE-2017-14450
Affected Products:
    openSUSE Leap 42.3

An update that solves 7 vulnerabilities and has one errata is now available.

Description:

This update for SDL2 and SDL2_image fixes the following issues:

- CVE-2017-14441: Code execution in the ICO image rendering (bsc#1084282).
- CVE-2017-14440: Potential code execution in the ILBM image rendering functionality (bsc#1084257).
- CVE-2017-12122: Potential code execution in the ILBM image rendering functionality (bsc#1084256).
- CVE-2017-14448: Heap buffer overflow in the XCF image rendering functionality (bsc#1084303).
- CVE-2017-14449: Double-Free in the XCF image rendering (bsc#1084297).
- CVE-2017-14442: Stack buffer overflow in the BMP image rendering functionality (bsc#1084304).
- CVE-2017-14450: Buffer overflow in the GIF image parsing (bsc#1084288).

Bug fixes:

- boo#1025413: Add dbus-ime.diff and build with fcitx.

Patch Instructions:

To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product:

- openSUSE Leap 42.3:

    zypper in -t patch openSUSE-2018-280=1

To bring your system up-to-date, use "zypper patch".

Package List:

- openSUSE Leap 42.3 (i586 x86_64):

    SDL2-debugsource-2.0.8-18.1
    SDL2_image-debugsource-2.0.3-13.10.1
    libSDL2-2_0-0-2.0.8-18.1
    libSDL2-2_0-0-debuginfo-2.0.8-18.1
    libSDL2-devel-2.0.8-18.1
    libSDL2_image-2_0-0-2.0.3-13.10.1
    libSDL2_image-2_0-0-debuginfo-2.0.3-13.10.1
    libSDL2_image-devel-2.0.3-13.10.1

- openSUSE Leap 42.3 (x86_64):

    libSDL2-2_0-0-32bit-2.0.8-18.1
    libSDL2-2_0-0-debuginfo-32bit-2.0.8-18.1
    libSDL2-devel-32bit-2.0.8-18.1
    libSDL2_image-2_0-0-32bit-2.0.3-13.10.1
    libSDL2_image-2_0-0-debuginfo-32bit-2.0.3-13.10.1
    libSDL2_image-devel-32bit-2.0.3-13.10.1

References:

    https://www.suse.com/security/cve/CVE-2017-12122.html
    https://www.suse.com/security/cve/CVE-2017-14440.html
    https://www.suse.com/security/cve/CVE-2017-14441.html
    https://www.suse.com/security/cve/CVE-2017-14442.html
    https://www.suse.com/security/cve/CVE-2017-14448.html
    https://www.suse.com/security/cve/CVE-2017-14449.html
    https://www.suse.com/security/cve/CVE-2017-14450.html
    https://bugzilla.suse.com/1025413
    https://bugzilla.suse.com/1084256
    https://bugzilla.suse.com/1084257
    https://bugzilla.suse.com/1084282
    https://bugzilla.suse.com/1084288
    https://bugzilla.suse.com/1084297
    https://bugzilla.suse.com/1084303
    https://bugzilla.suse.com/1084304

LinuxSecurity.com Team

Mar 18, 2018 | Important | OpenSUSE

Ubuntu: USN-1206-1 Moderate: Librsvg Security Issue Remote Access

Ubuntu Security Notice USN-1206-1
September 13, 2011

librsvg vulnerability

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 11.04
- Ubuntu 10.10
- Ubuntu 10.04 LTS

Summary:

SVG image rendering library has had flaws fixed.

Software Description:

- librsvg: Rendering library for SVG files

Details:

Sauli Pahlman discovered that librsvg did not correctly handle malformed filter names. If a user or automated system were tricked into processing a specially crafted SVG image, a remote attacker could gain user privileges.

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 11.04:
    librsvg2-2 2.32.1-0ubuntu3.1
    librsvg2-bin 2.32.1-0ubuntu3.1
    librsvg2-common 2.32.1-0ubuntu3.1
    librsvg2-dev 2.32.1-0ubuntu3.1

Ubuntu 10.10:
    librsvg2-2 2.32.0-0ubuntu1.1
    librsvg2-bin 2.32.0-0ubuntu1.1
    librsvg2-common 2.32.0-0ubuntu1.1
    librsvg2-dev 2.32.0-0ubuntu1.1

Ubuntu 10.04 LTS:
    librsvg2-2 2.26.3-0ubuntu1.1
    librsvg2-bin 2.26.3-0ubuntu1.1
    librsvg2-common 2.26.3-0ubuntu1.1
    librsvg2-dev 2.26.3-0ubuntu1.1

After a standard system update you need to restart your session to make all the necessary changes.

References:

    CVE-2011-3146

Package Information:

    https://launchpad.net/ubuntu/+source/librsvg/2.32.1-0ubuntu3.1
    https://launchpad.net/ubuntu/+source/librsvg/2.32.0-0ubuntu1.1
    https://launchpad.net/ubuntu/+source/librsvg/2.26.3-0ubuntu1.1

LinuxSecurity.com Team

Sep 13, 2011 | Ubuntu

Gentoo: GLSA-200604-10 Normal: zgv/xzgv Heap Overflow Attack

Gentoo Linux Security Advisory GLSA 200604-10
https://security.gentoo.org/

Severity: Normal
Title: zgv, xzgv: Heap overflow
Date: April 21, 2006
Bugs: #127008
ID: 200604-10

Synopsis
========

xzgv and zgv attempt to decode JPEG images within the CMYK/YCCK colour space incorrectly, potentially resulting in the execution of arbitrary code.

Background
==========

xzgv and zgv are picture viewing utilities with a thumbnail based file selector.

Affected packages
=================

    -------------------------------------------------------------------
         Package          /  Vulnerable  /                  Unaffected
    -------------------------------------------------------------------
      1  media-gfx/xzgv      < 0.8-r2                        >= 0.8-r2
      2  media-gfx/zgv       < 5.8                           >= 5.8
    -------------------------------------------------------------------
    2 affected packages on all of their supported architectures.
    -------------------------------------------------------------------

Description
===========

Andrea Barisani of Gentoo Linux discovered xzgv and zgv allocate insufficient memory when rendering images with more than 3 output components, such as images using the YCCK or CMYK colour space. When xzgv or zgv attempt to render the image, data from the image overruns a heap allocated buffer.

Impact
======

An attacker may be able to construct a malicious image that executes arbitrary code with the permissions of the xzgv or zgv user when attempting to render the image.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All xzgv users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=media-gfx/xzgv-0.8-r2"

All zgv users should also upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=media-gfx/zgv-5.8"

References
==========

    [ 1 ] CVE-2006-1060

Availability
============

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

    https://security.gentoo.org/glsa/200604-10

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to [email address protected] or alternatively, you may file a bug at https://bugs.gentoo.org/.

License
=======

Copyright 2006 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.0/

LinuxSecurity.com Team

Apr 21, 2006 | Gentoo