oss-sec mailing list archives
Re: CVE request: imlib2 - GIF loader: OOB read
From: cve-assign () mitre org
Date: Sun, 10 Apr 2016 10:25:41 -0400 (EDT)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
https://git.enlightenment.org/legacy/imlib2.git/commit/?id=37a96801663b7b4cd3fbe56cc0eb8b6a17e766a8 GIF loader: Fix out-of-bound reads from colormap
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=785369 libimlib2: GIF loader: out-of-bounds read
Invalid read of size 1 cmap->Colors gets accessed on index 8, but just 0 to 3 would be valid security implications (DoS and potential host memory exposure)
Use CVE-2016-3994. - -- CVE Assignment Team M/S M300, 202 Burlington Road, Bedford, MA 01730 USA [ A PGP key is available for encrypted communications at http://cve.mitre.org/cve/request_id.html ] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJXCl7MAAoJEL54rhJi8gl5qXoP/0ixra6R9i1HUALR2iOJEtnk vTfbn05noKq8NqhXJzqn49tK9OFDsWwufGGL5I/3lr0mzJmeQcp780LR182wcBd7 Mgdp7haeNTMCtNTuLglV0Z5umbfxCiAO0vMcpv8aDsGccm6o2cvc1q6iAivHgVmi rmH22yPtjktiazNdTBfoiDgKfrW7KZ0vEawIdaQmL7dbt4YYriMVmAfKc2izAFUk lL/SYhPNU3IuGwXzzFFWA1xq3wTWUVVf9bYg2/Tsq2BZsfI1ryVfjqK1GCAwHBX8 +d+V38D9PbI7sYQ0SvmsJQAS71ZYEyPadc9D+Kzf1I8d8fRFa/4ftog4auZbpvWj QnLGs1ezV0hPeZA602gOMe9+ts2N+dW3nF2+rz/n0BwBsZ0yHZ2kf6OrbeqdUEcb d3br+E2l9OsJ7EpJeSzG/lmJ1InCz50/pYjIU0Ig3UgZqkVpAHX7cQurLZeJq2ws 0SLKufxR8mVio+KId3csyBGtRBIBpYDBO6dNTR0A+5jdwoyoWn/b63z8cqL4+3oJ 11f0PlZZBZjjCY5ESg/oyFqvdS6c23UKirzab3SGF7tEvZUx90FC/alsD3uEa0Eq eWp5wvsGd6U20qta4bku5QkFxZ8DgTtQv8loKwRiUp8218d5IjzL60D9hFAJ4Hcv DnHFzuNitwKiQx8vjCbw =lelm -----END PGP SIGNATURE-----
Current thread:
- CVE request: imlib2 - GIF loader: OOB read Matthias Geerdsen (Apr 09)
- Re: CVE request: imlib2 - GIF loader: OOB read cve-assign (Apr 10)