libpng: use-after-free in png_image_free in png.c (CVE-2019-7317)
A vulnerability was found in libpng 1.6.36. The function
png_image_free in png.c has
a use-after-free because png_image_free_function is called under
png_safe_execute.
This flaw is in the PNG Simplified API, which was introduced
upstream in libpng-1.6.0. Previous versions of libpng are not affected.
References:
https://github.com/glennrp/libpng/issues/275
https://nvd.nist.gov/vuln/detail/CVE-2019-7317
Patch:
https://github.com/glennrp/libpng/commit/9c0d5c77bf5bf2d7c1e11f388de40a70e0191550
(from redmine: issue id 10360, created on 2019-04-29, closed on 2019-05-06)
- Relations:
- child #10361 (closed)
- child #10362 (closed)
- child #10363 (closed)
- child #10364 (closed)
- child #10365 (closed)