DSA-3777

96503

https://github.com/libgd/libgd/blob/gd-2.2.4/CHANGELOG.md

https://github.com/libgd/libgd/commit/58b6dde319c301b0eae27d12e2a659e067d80558

https://github.com/libgd/libgd/commit/fb0e0cce0b9f25389ab56604c3547351617e1415

Stefan Esser discovered that the GD library incorrectly handled memory when processing certain images. If a user or automated system were tricked into processing a specially crafted image, an attacker could cause a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 16.10. (CVE-2016-10166)

It was discovered that the GD library incorrectly handled certain malformed images. If a user or automated system were tricked into processing a specially crafted image, an attacker could cause a denial of service. (CVE-2016-10167)

It was discovered that the GD library incorrectly handled certain malformed images. If a user or automated system were tricked into processing a specially crafted image, an attacker could cause a denial of service, or possibly execute arbitrary code. (CVE-2016-10168)

Ibrahim El-Sayed discovered that the GD library incorrectly handled certain malformed TGA images. If a user or automated system were tricked into processing a specially crafted TGA image, an attacker could cause a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 16.10. (CVE-2016-6906)

Ibrahim El-Sayed discovered that the GD library incorrectly handled certain malformed WebP images. If a user or automated system were tricked into processing a specially crafted WebP image, an attacker could cause a denial of service, or possibly execute arbitrary code.
This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 16.10. (CVE-2016-6912)

It was discovered that the GD library incorrectly handled creating oversized images. If a user or automated system were tricked into creating a specially crafted image, an attacker could cause a denial of service. (CVE-2016-9317)

It was discovered that the GD library incorrectly handled filling certain images. If a user or automated system were tricked into filling an image, an attacker could cause a denial of service.
(CVE-2016-9933).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

This update for gd fixes the following security issues :

  - CVE-2016-6906: An out-of-bounds read in TGA     decompression was fixed which could have lead to     crashes. (bsc#1022553)

  - CVE-2016-6912: Double free vulnerability in the     gdImageWebPtr function in the GD Graphics Library (aka     libgd) allowed remote attackers to have unspecified     impact via large width and height values. (bsc#1022284)

  - CVE-2016-9317: The gdImageCreate function in the GD     Graphics Library (aka libgd) allowed remote attackers to     cause a denial of service (system hang) via an oversized     image. (bsc#1022283)

  - CVE-2016-10166: A potential unsigned underflow in gd     interpolation functions could lead to memory corruption     in the GD Graphics Library (aka libgd) (bsc#1022263)

  - CVE-2016-10167: A denial of service problem in     gdImageCreateFromGd2Ctx() could lead to libgd running     out of memory even on small files. (bsc#1022264)

  - CVE-2016-10168: A signed integer overflow in the GD     Graphics Library (aka libgd) could lead to memory     corruption (bsc#1022265)

This update was imported from the SUSE:SLE-12:Update update project.

This update for gd fixes the following security issues :

  - CVE-2016-6906: An out-of-bounds read in TGA     decompression was fixed which could have lead to     crashes. (bsc#1022553)

  - CVE-2016-6912: Double free vulnerability in the     gdImageWebPtr function in the GD Graphics Library (aka     libgd) allowed remote attackers to have unspecified     impact via large width and height values. (bsc#1022284)

  - CVE-2016-9317: The gdImageCreate function in the GD     Graphics Library (aka libgd) allowed remote attackers to     cause a denial of service (system hang) via an oversized     image. (bsc#1022283)

  - CVE-2016-10166: A potential unsigned underflow in gd     interpolation functions could lead to memory corruption     in the GD Graphics Library (aka libgd) (bsc#1022263)

  - CVE-2016-10167: A denial of service problem in     gdImageCreateFromGd2Ctx() could lead to libgd running     out of memory even on small files. (bsc#1022264)

  - CVE-2016-10168: A signed integer overflow in the GD     Graphics Library (aka libgd) could lead to memory     corruption (bsc#1022265)

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Multiple vulnerabilities have been discovered in libgd2, a library for programmatic graphics creation and manipulation, which may result in denial of service or potentially the execution of arbitrary code if a malformed file is processed.

ID	Name	Product	Family	Severity
97468	Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS / 16.10 : libgd2 vulnerabilities (USN-3213-1)	Nessus	Ubuntu Local Security Checks	critical
97369	openSUSE Security Update : gd (openSUSE-2017-289)	Nessus	SuSE Local Security Checks	critical
97203	SUSE SLED12 / SLES12 Security Update : gd (SUSE-SU-2017:0468-1)	Nessus	SuSE Local Security Checks	critical
96912	Debian DSA-3777-1 : libgd2 - security update	Nessus	Debian Local Security Checks	critical

CVE-2016-6906

MEDIUM

New! CVE Severity Now Using CVSS v3

Description

References

Details

Risk Information

CVSS v2

CVSS v3

Vulnerable Software

Configuration 1

Tenable Plugins

critical

critical

critical

critical