CVE-2023-39742

giflib v5.2.1 was discovered to contain a segmentation fault via the component getarg.c.
Classic Buffer Overflow
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
mitreCNA
---
---
CVEADP
---
---
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 4%
VendorProductVersion
giflib_projectgiflib
5.2.1
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
giflib
bullseye
unimportant
bookworm
unimportant
sid
unimportant
trixie
unimportant
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
giflib
noble
not-affected
mantic
not-affected
lunar
ignored
jammy
not-affected
focal
Fixed 5.1.9-1ubuntu0.1
released
bionic
Fixed 5.1.4-2ubuntu0.1+esm1
released
xenial
Fixed 5.1.4-0.3~16.04.1+esm1
released
trusty
ignored
Common Weakness Enumeration
References
https://gist.github.com/huanglei3/ec9090096aa92445cf0a8baa8e929084
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O4RLSFGPBPR3FMIUJCWPGVIYIU35YGQX/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OPNBOB65TEA4ZEPLVENI26BY4LEX7TEF/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T5WO6WL2TCGO6T4VKGACDIVSZI74WJAU/
https://sourceforge.net/p/giflib/bugs/166/
https://gist.github.com/huanglei3/ec9090096aa92445cf0a8baa8e929084
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O4RLSFGPBPR3FMIUJCWPGVIYIU35YGQX/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OPNBOB65TEA4ZEPLVENI26BY4LEX7TEF/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T5WO6WL2TCGO6T4VKGACDIVSZI74WJAU/
https://sourceforge.net/p/giflib/bugs/166/