Fedora 27 : libpng10 (2018-3e04e9fe54)

High Nessus Plugin ID 111397


The remote Fedora host is missing a security update.


Fix for CVE-2018-13785: the libpng10 library was vulnerable to an integer overflow and resultant divide-by-zero in the pngrutil.c:png_check_chunk_length() function. An attacker could exploit this to cause a denial of service via a crafted PNG file.

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.


Update the affected libpng10 package.

See Also


Plugin Details

Severity: High

ID: 111397

File Name: fedora_2018-3e04e9fe54.nasl

Version: 1.1

Type: local

Agent: unix

Published: 2018/07/30

Modified: 2018/07/30

Dependencies: 12634

Risk Information

Risk Factor: High

Vulnerability Information

CPE: p-cpe:/a:fedoraproject:fedora:libpng10, cpe:/o:fedoraproject:fedora:27

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list

Patch Publication Date: 2018/07/29

Reference Information

CVE: CVE-2018-13785