libcaca: Multiple vulnerabilities (CVE-2018-20544, CVE-2018-20545, CVE-2018-20546, CVE-2018-20547, CVE-2018-20548, CVE-2018-20549)
CVE-2018-20544: floating point exception in caca/dither.c
There is floating point exception at caca/dither.c (function caca_dither_bitmap) in libcaca 0.99.beta19.
References:
Patch:
https://github.com/cacalabs/libcaca/commit/84bd155087b93ab2d8d7cb5b1ac94ecd4cf4f93c
CVE-2018-20545: out of bounds write in function load_image in common-image.c
There is an illegal WRITE memory access at common-image.c (function load_image) in libcaca 0.99.beta19 for 4bpp data.
References:
Patch:
https://github.com/cacalabs/libcaca/commit/3e52dabe3e64dc50f4422effe364a1457a8a8592
CVE-2018-20546: out of bounds read in function get_rgba_default in caca/dither.c
There is an illegal READ memory access at caca/dither.c (function get_rgba_default) in libcaca 0.99.beta19 for the default bpp case.
References:
Patch:
https://github.com/cacalabs/libcaca/commit/02a09ec9e5ed8981e7a810bfb6a0172dc24f0790
CVE-2018-20547: out of bounds read in function get_rgba_default in caca/dither.c for 24bpp data
There is an illegal READ memory access at caca/dither.c (function get_rgba_default) in libcaca 0.99.beta19 for 24bpp data.
References:
Patch:
https://github.com/cacalabs/libcaca/commit/02a09ec9e5ed8981e7a810bfb6a0172dc24f0790
CVE-2018-20548: out of bounds write in function load_image in common-image.c
There is an illegal WRITE memory access at common-image.c (function load_image) in libcaca 0.99.beta19 for 1bpp data.
References:
Patch:
https://github.com/cacalabs/libcaca/commit/3e52dabe3e64dc50f4422effe364a1457a8a8592
CVE-2018-20549: out of bounds write in function caca_file_read in caca/file.c
There is an illegal WRITE memory access at caca/file.c (function caca_file_read) in libcaca 0.99.beta19.
References:
Patch:
https://github.com/cacalabs/libcaca/commit/3e52dabe3e64dc50f4422effe364a1457a8a8592