CVE-2021-46829
24.07.2022, 19:15
GNOME GdkPixbuf (aka GDK-PixBuf) before 2.42.8 allows a heap-based buffer overflow when compositing or clearing frames in GIF files, as demonstrated by io-gif-animation.c composite_frame. This overflow is controllable and could be abused for code execution, especially on 32-bit systems.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| gnome | gdk-pixbuf | 𝑥 < 2.42.8 |
| debian | debian_linux | 11.0 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
openSUSE / SLES Releases
openSUSE Product | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| gdk-pixbuf-devel |
| ||||||||||||||||||||||||||||||
| gdk-pixbuf-lang |
| ||||||||||||||||||||||||||||||
| gdk-pixbuf-query-loaders |
| ||||||||||||||||||||||||||||||
| gdk-pixbuf-query-loaders-32bit |
| ||||||||||||||||||||||||||||||
| gdk-pixbuf-thumbnailer |
| ||||||||||||||||||||||||||||||
| libgdk_pixbuf-2_0-0 |
| ||||||||||||||||||||||||||||||
| libgdk_pixbuf-2_0-0-32bit |
| ||||||||||||||||||||||||||||||
| typelib-1_0-GdkPixbuf-2_0 |
| ||||||||||||||||||||||||||||||
| typelib-1_0-GdkPixdata-2_0 |
|
Red Hat Enterprise Linux Releases
References