Re: CVE Request: libpng: Out-of heap-based buffer read by inflating certain PNG images

[Kurt Seifried <kseifried () redhat com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 07/24/2012 12:45 AM, Huzaifa Sidhpurwala wrote:
> Hi All,
>
> An out-of heap-based buffer read flaw was found in the way libpng,
> a library of functions or creating and manipulating PNG (Portable
> Network Graphics) image format files, performed reading of PNG
> image file data when decompressing certain images. A remote
> attacker could provide a specially-crafted PNG file, which once
> opened in an application linked against libpng would lead to that
> application crash.
>
> References: [1]
> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=668082
>
> Can a CVE id be please assigned to this issue.
>
> Thanks!

Just a quick note: this was previously fixed in 1.2.48 by removing the
offending function.

Please use CVE-2012-3425 for this issue.


- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993



-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBAgAGBQJQDs9TAAoJEBYNRVNeJnmTDYcP/3mWsa1Evprd8ByAJdbmns9I
7d7TSx1+eqSMsPM8lvz1CdpF/yx/BRfW+2vgwlvyX0172hLU40NazjQdXEjQORQH
HJxUGQiav7JaOf/w8u5/5VivUOGOBn35dWfdExabj0Fia8QpRWjsiM8c3cyIf2lZ
al5gGcXUKWHZVwfFAT5oc+bGM/cc7FK686VGFVJ27Akz3Qm80DuWM9d6FHEROS0Q
c+mHRKsHn1WM7bnJAPcADbvAffCFpdnhjcBVDQdRCxi0O+zmRd402YmnLmnc3ZiE
iAYUL4AlXeqmMUu48A4SpRsugkoIGKHG94t3grHzZyX2MfF7IcBMGYUS+D0R8Bsy
+TPvp/3Ocr/rC2/cBGi81q/3+NUTFvYaIV9KCg3DfJi2npiDWue0wGBu1+wE2LTO
KJBu6G2kxFLZOmV6jxtEpx2Y6rQkG3bg2zaep3vkFiT7q/rNmm0Z+vQ9hasHWjIW
DRg9anbvID0DHeKYoaWbACIvNJR4iJpH2JrBtHjclH811gV4mnBitksguR4yKRX/
Z3qAnbgIOrU0dzt7m833eXPJarU93bcEzBI2e0/mkPfBBfNWCy/PWJ2M61yd/pyZ
DKWQCIMDNmLnTP8Gq98pWaWEQzm/PYjdmQj1tN2tUz86Gh2R3zBumDq7dD7Es8eC
PRI8BV1B3P9U9GwaF6h9
=1uE/
-----END PGP SIGNATURE-----