Numeric Errors Affecting gdk-pixbuf package, versions <2.31.1-2+deb8u4
Threat Intelligence
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk ID SNYK-DEBIAN8-GDKPIXBUF-344977
- published 16 Aug 2015
- disclosed 16 Aug 2015
Introduced: 16 Aug 2015
CVE-2015-4491 Open this link in a new tabHow to fix?
Upgrade Debian:8 gdk-pixbuf to version 2.31.1-2+deb8u4 or higher.
NVD Description
Note: Versions mentioned in the description apply only to the upstream gdk-pixbuf package and not the gdk-pixbuf package as distributed by Debian.
See How to fix? for Debian:8 relevant fixed versions and status.
Integer overflow in the make_filter_table function in pixops/pixops.c in gdk-pixbuf before 2.31.5, as used in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 on Linux, Google Chrome on Linux, and other products, allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow and application crash) via crafted bitmap dimensions that are mishandled during scaling.
References
- https://security-tracker.debian.org/tracker/CVE-2015-4491
- https://bugzilla.gnome.org/show_bug.cgi?id=752297
- https://git.gnome.org/browse/gdk-pixbuf/commit/?id=ffec86ed5010c5a2be14f47b33bcf4ed3169a199
- http://www.debian.org/security/2015/dsa-3337
- http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165701.html
- http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165703.html
- http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165730.html
- http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165732.html
- https://security.gentoo.org/glsa/201512-05
- https://security.gentoo.org/glsa/201605-06
- http://www.mozilla.org/security/announce/2015/mfsa2015-88.html
- http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00014.html
- http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00015.html
- http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00021.html
- http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00016.html
- http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00025.html
- http://lists.opensuse.org/opensuse-updates/2015-08/msg00030.html
- http://lists.opensuse.org/opensuse-updates/2015-08/msg00031.html
- http://lists.opensuse.org/opensuse-updates/2015-09/msg00002.html
- http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
- http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html
- https://bugzilla.mozilla.org/show_bug.cgi?id=1184009
- https://bugzilla.redhat.com/show_bug.cgi?id=1252290
- http://rhn.redhat.com/errata/RHSA-2015-1586.html
- http://rhn.redhat.com/errata/RHSA-2015-1682.html
- http://rhn.redhat.com/errata/RHSA-2015-1694.html
- http://www.securitytracker.com/id/1033247
- http://www.securitytracker.com/id/1033372
- http://people.ubuntu.com/~ubuntu-security/cve/CVE-2015-4491
- http://www.ubuntu.com/usn/USN-2702-1
- http://www.ubuntu.com/usn/USN-2702-2
- http://www.ubuntu.com/usn/USN-2702-3
- http://www.ubuntu.com/usn/USN-2712-1
- http://www.ubuntu.com/usn/USN-2722-1