http://ftp.gnome.org/pub/gnome/sources/gdk-pixbuf/2.32/gdk-pixbuf-2.32.0.news

openSUSE-SU-2016:0897

openSUSE-SU-2016:1467

DSA-3378

[oss-security] 20151001 CVE request: Heap overflow and DoS with a tga file in gdk-pixbuf < 2.32.1

[oss-security] 20151002 Re: CVE request: Heap overflow and DoS with a tga file in gdk-pixbuf < 2.32.1

76953

USN-2767-1

https://git.gnome.org/browse/gdk-pixbuf/commit/?id=19f9685dbff7d1f929c61cf99188df917a18811d

https://git.gnome.org/browse/gdk-pixbuf/commit/?id=6ddca835100107e6b5841ce9d56074f6d98c387e

https://git.gnome.org/browse/gdk-pixbuf/commit/?id=edf6fb8d856574bc3bb3a703037f56533229267c

GLSA-201512-05

This update for gdk-pixbuf fixes the following issues :

  - CVE-2015-7552: Fixed various overflows in image handling     (boo#958963).

  - CVE-2015-7673: Fixed an overflow and DoS with a TGA file     (boo#948790).

  - CVE-2015-7674: Fixed overflow when scaling a gif     (boo#948791).

Gustavo Grieco discovered different security issues in Gtk+2.0's gdk-pixbuf.

CVE-2015-4491

Heap overflow when processing BMP images which may allow to execute of arbitrary code via malformed images.

CVE-2015-7673

Heap overflow when processing TGA images which may allow execute arbitrary code or denial of service (process crash) via malformed images.

CVE-2015-7674

Integer overflow when processing GIF images which may allow to execute arbitrary code or denial of service (process crash) via malformed image.

For Debian 6 'Squeeze', these issues have been fixed in gtk+2.0 version 2.20.1-2+deb6u2. We recommend you to upgrade your gtk+2.0 packages.

Learn more about the Debian Long Term Support (LTS) Project and how to apply these updates at: https://wiki.debian.org/LTS/

NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

The gdk pixbuf library was updated to fix three security issues.

These security issues were fixed :

  - CVE-2015-7673: Fix some more overflows scaling a gif     (bsc#948791)

  - CVE-2015-4491: Check for overflow before allocating     memory when scaling (bsc#942801)

  - CVE-2015-7673: Fix an overflow and DoS when scaling TGA     files (bsc#948790).

  - CVE-2015-7674: Fix overflow when scaling GIF     files(bsc#948791).

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

The remote host is affected by the vulnerability described in GLSA-201512-05 (gdk-pixbuf: Multiple Vulnerabilities)

    Three heap-based buffer overflow vulnerabilities have been discovered in       gdk-pixbuf. Please review the CVE identifiers referenced below for       details.
  Impact :

    A remote attacker could entice a user to open a specially crafted image       file with an application linked against gdk-pixbuf, possibly resulting in       execution of arbitrary code with the privileges of the process or a       Denial of Service condition.
  Workaround :

    There is no known workaround at this time.

Several vulnerabilities have been discovered in gdk-pixbuf, a toolkit for image loading and pixel buffer manipulation. The Common Vulnerabilities and Exposures project identifies the following problems :

  - CVE-2015-7673     Gustavo Grieco discovered a heap overflow in the     processing of TGA images which may result in the     execution of arbitrary code or denial of service     (process crash) if a malformed image is opened.

  - CVE-2015-7674     Gustavo Grieco discovered an integer overflow flaw in     the processing of GIF images which may result in the     execution of arbitrary code or denial of service     (process crash) if a malformed image is opened.

Gustavo Grieco discovered that the GDK-PixBuf library did not properly handle scaling tga image files, leading to a heap overflow. If a user or automated system were tricked into opening a tga image file, a remote attacker could use this flaw to cause GDK-PixBuf to crash, resulting in a denial of service, or possibly execute arbitrary code.
(CVE-2015-7673)

Gustavo Grieco discovered that the GDK-PixBuf library contained an integer overflow when handling certain GIF images. If a user or automated system were tricked into opening a GIF image file, a remote attacker could use this flaw to cause GDK-PixBuf to crash, resulting in a denial of service, or possibly execute arbitrary code.
(CVE-2015-7674).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

reports :

We found a heap overflow and a DoS in the gdk-pixbuf implementation triggered by the scaling of tga file.

We found a heap overflow in the gdk-pixbuf implementation triggered by the scaling of gif file.

ID	Name	Product	Family	Severity
91438	openSUSE Security Update : gdk-pixbuf (openSUSE-2016-669)	Nessus	SuSE Local Security Checks	high
90253	openSUSE Security Update : gdk-pixbuf (openSUSE-2016-405)	Nessus	SuSE Local Security Checks	high
88995	Debian DLA-434-1 : gtk+2.0 security update	Nessus	Debian Local Security Checks	medium
87646	SUSE SLED12 / SLES12 Security Update : gdk-pixbuf (SUSE-SU-2015:2195-2)	Nessus	SuSE Local Security Checks	medium
87546	GLSA-201512-05 : gdk-pixbuf: Multiple Vulnerabilities	Nessus	Gentoo Local Security Checks	medium
87215	SUSE SLED12 / SLES12 Security Update : gdk-pixbuf (SUSE-SU-2015:2195-1)	Nessus	SuSE Local Security Checks	medium
86581	Debian DSA-3378-1 : gdk-pixbuf - security update	Nessus	Debian Local Security Checks	medium
86379	Ubuntu 12.04 LTS / 14.04 LTS / 15.04 : gdk-pixbuf vulnerabilities (USN-2767-1)	Nessus	Ubuntu Local Security Checks	medium
86278	FreeBSD : gdk-pixbuf2 -- head overflow and DoS (9272a5b0-6b40-11e5-bd7f-bcaec565249c)	Nessus	FreeBSD Local Security Checks	medium

CVE-2015-7673

medium

New! CVE Severity Now Using CVSS v3

Description

References

Details

Risk Information

CVSS v2

Vulnerable Software

Configuration 1

Configuration 2

Tenable Plugins

high

high

medium

medium

medium

medium

medium

medium

medium