CVE-2022-44617
06.02.2023, 23:15
A flaw was found in libXpm. When processing a file with width of 0 and a very large height, some parser functions will be called repeatedly and can lead to an infinite loop, resulting in a Denial of Service in the application linked to the library.
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| x.org | libxpm | 𝑥 < 3.5.15 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
Ubuntu Product | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| libxpm |
| ||||||||||||||||||
| motif |
|
openSUSE / SLES Releases
openSUSE Product | |||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| libXpm-devel |
| ||||||||||||||||||||||||||||||||||||||||||||||
| libXpm4 |
| ||||||||||||||||||||||||||||||||||||||||||||||
| libXpm4-32bit |
|
Red Hat Enterprise Linux Releases
Red Hat Product | |||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| libXpm |
| ||||||||||||||||||||||||||||
| libXpm-devel |
|
Common Weakness Enumeration
- CWE-20 - Improper Input ValidationThe product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
- CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')The program contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.
References