oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: CVE request: libpng buffer overflow in png_set_PLTE

From: cve-assign () mitre org
Date: Thu, 12 Nov 2015 22:03:05 -0500 (EST)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256


I request a CVE for a vulnerability in libpng, all versions, in the
png_set_PLTE/png_get_PLTE functions.  These functions failed to check for
an out-of-range palette when reading or writing PNG files with a bit_depth
less than 8.  Some applications might read the bit depth from the IHDR
chunk and allocate memory for a 2^N entry palette, while libpng can return
a palette with up to 256 entries even when the bit depth is less than 8.



https://github.com/glennrp/libpng/blob/libpng16/CHANGES


Use CVE-2015-8126.

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJWRVIvAAoJEL54rhJi8gl5sPkQAKEY828dq1YZnIDjf8gSQldb
Bam8eRz0cVyxGo8sZ5oB+FTymMaBNGfccLBWY0XoS8WcGFYOOv1rBqIhvJrvyGm/
TsNXJJTqwe41rF1SQNOT6AwncJtsfXpPhMrCOvqw3s71dDMcxtyXkyQycry4V8Kt
IMBz++W50GC/KanDXjYnR+XTGddvU9hh9OytOZmGiroeArBn6D62KI0sBRFW1bzJ
q8ftTiV8wznang1xy8pFYaTTXK+UIOe23tVw6XAZAcpMXXF31g84SjbjULHEnS7G
Zc1m9MspDI0zo5LPVv0SZM5NpQ0H9KH7HsJ1JYY+qCqK72eUN6hnkMz2FKXqa6LA
Pj6Smng4WuPfROlse8QaM46Auk2qI6aJ3TvrfSnMiEiXuumSs3fSdAksvSO5ncvm
AbIlVmc/tBnw26wlP7Bi0YAMoLzlZACK2IemVwsHjd8r8KZZEQRGV0ofPB3TH2+i
AsmOWHdz3UQeFcOkK+KOk/gb41uDzr0tIt6u9PCc/H0mAV2b3DbF/l+dxHpg1VcO
ZHnc6pUTYZY4eWBnfSFhuL7f5qA2OlNsxMUIcLd1twtRFyAllr9d9cU5Ex05KeOJ
fgawhpJJ9zyq0fcwPitvCji+UpJher0GBrb/BLWufUbiYIVN+fUP/mDKf3zrJvAk
ncDbOaufQIwVUmXaH0iy
=K98Y
-----END PGP SIGNATURE-----
Previous By Date Next
Previous By Thread Next

Current thread: