oss-sec mailing list archives

Re: CVE Request: Use-after-free in optipng 0.6.4


From: Mark Felder <feld () feld me>
Date: Thu, 17 Sep 2015 09:54:59 -0500



On Wed, Sep 16, 2015, at 06:11, Gustavo Grieco wrote:
> We found a use-after-free causing an invalid/double free in optipng 0.6.4.
> Upstream is working on fixing it, but keep in mind that optipng 0.6.x is
> officially unsupported. A CVE will be useful since such a version is included
> in distros like Debian and Ubuntu. Please find attached the test case to
> trigger it. The valgrind report is here:


Is 0.6.5 affected? I would assume it is since you said upstream is
working on a patch...

-- 
  Mark Felder
  feld () feld me

