[3.6] gdk-pixbuf: Heap overflow in the gdk_pixbuf__jpeg_image_load_increment function (CVE-2017-2862)
An exploitable heap overflow vulnerability exists in the
gdk_pixbuf__jpeg_image_load_increment functionality of Gdk-Pixbuf
2.36.6.
A specially crafted jpeg file can cause a heap overflow resulting in
remote code execution. An attacker can send a file or url to trigger
this vulnerability.
Fixed in:
Gdk-Pixbuf 2.36.7
References:
https://bugzilla.gnome.org/show\_bug.cgi?id=784866
https://www.talosintelligence.com/vulnerability\_reports/TALOS-2017-0366
Patches:
https://git.gnome.org/browse/gdk-pixbuf/commit/?id=c2a40a92fe3df4111ed9da51fe3368c079b86926
https://git.gnome.org/browse/gdk-pixbuf/commit/?id=6dd89e126a277460faafc1f679db44ccf78446fb
(from redmine: issue id 7866, created on 2017-09-19, closed on 2017-10-25)
- Relations:
- parent #7865 (closed)
- Changesets:
- Revision fd675253 on 2017-10-25T07:07:01Z:
main/gdk-pixbuf: security upgrade to 2.36.7 (CVE-2017-2862)
Fixes #7866