CVE-2019-6978

Source
https://nvd.nist.gov/vuln/detail/CVE-2019-6978
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-6978.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2019-6978
Downstream
Related
Published
2019-01-28T08:29:00Z
Modified
2025-10-19T05:22:24.216933Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
[none]
Details

The GD Graphics Library (aka LibGD) 2.2.5 has a double free in the gdImage*Ptr() functions in gd_gif_out.c, gd_jpeg.c, and gd_wbmp.c. NOTE: PHP is unaffected.

References

Affected packages

Git / github.com/libgd/libgd

Affected ranges

Type
GIT
Repo
https://github.com/libgd/libgd
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed

Affected versions

Other

GD_1_3_0
GD_1_4_0
GD_1_5_0
GD_1_6_0
GD_1_6_1
GD_1_6_2
GD_1_6_3
GD_1_7_0
GD_1_7_1
GD_1_7_2
GD_1_7_3
GD_1_8_0
GD_1_8_1
GD_1_8_3
GD_1_8_4
GD_2_0_0
GD_2_0_1
GD_2_0_10
GD_2_0_11
GD_2_0_12
GD_2_0_13
GD_2_0_14
GD_2_0_15
GD_2_0_17
GD_2_0_18
GD_2_0_19
GD_2_0_2
GD_2_0_20
GD_2_0_21
GD_2_0_22
GD_2_0_23
GD_2_0_24
GD_2_0_25
GD_2_0_26
GD_2_0_27
GD_2_0_28
GD_2_0_29
GD_2_0_3
GD_2_0_30
GD_2_0_31
GD_2_0_32
GD_2_0_33
GD_2_0_34RC1
GD_2_0_4
GD_2_0_5
GD_2_0_6
GD_2_0_7
GD_2_0_8
GD_2_0_9

gd-2.*

gd-2.1.0
gd-2.1.0-alpha1
gd-2.1.0-rc1
gd-2.1.0-rc2
gd-2.1.1
gd-2.2.0
gd-2.2.1

Database specific

vanir_signatures

[
    {
        "signature_version": "v1",
        "deprecated": false,
        "source": "https://github.com/libgd/libgd/commit/553702980ae89c83f2d6e254d62cf82e204956d0",
        "signature_type": "Function",
        "target": {
            "function": "gdImageGifCtx",
            "file": "src/gd_gif_out.c"
        },
        "digest": {
            "function_hash": "73669897427677809406459109248086572317",
            "length": 420.0
        },
        "id": "CVE-2019-6978-1103a7e0"
    },
    {
        "signature_version": "v1",
        "deprecated": false,
        "source": "https://github.com/libgd/libgd/commit/553702980ae89c83f2d6e254d62cf82e204956d0",
        "signature_type": "Function",
        "target": {
            "function": "gdImageJpegCtx",
            "file": "src/gd_jpeg.c"
        },
        "digest": {
            "function_hash": "67962746548657808604095966200889547021",
            "length": 4045.0
        },
        "id": "CVE-2019-6978-14d43338"
    },
    {
        "signature_version": "v1",
        "deprecated": false,
        "source": "https://github.com/libgd/libgd/commit/553702980ae89c83f2d6e254d62cf82e204956d0",
        "signature_type": "Line",
        "target": {
            "file": "src/gd_wbmp.c"
        },
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "73321661324459895908597955010084804784",
                "187916382817915030519167801468652181022",
                "38175124439509039761373901122901768180",
                "287392254799148189314716234748061938750",
                "139685205050848806812636386066260729900",
                "160581066299419984515885128146021169037",
                "196428988387474838349678337868463266115",
                "270507458710422430336350167388167736930",
                "168414150809866723829468024954727721112",
                "107204543989011579765093231851483476423",
                "325787918952113342782007638869706208356",
                "122720985368456408105157438526248066540",
                "111039815623080080593200785522132056946",
                "282055384616729822594242177012151994140",
                "240840118927208583836317864425892949001",
                "148961733259745995844079711282917524194",
                "170383651322725312902254469709707062586",
                "72551849922573848649858937555260463260",
                "319291730546104110404068620813350682844",
                "113470114409076747680286142819285863266"
            ]
        },
        "id": "CVE-2019-6978-3968c133"
    },
    {
        "signature_version": "v1",
        "deprecated": false,
        "source": "https://github.com/libgd/libgd/commit/553702980ae89c83f2d6e254d62cf82e204956d0",
        "signature_type": "Function",
        "target": {
            "function": "gdImageWBMPPtr",
            "file": "src/gd_wbmp.c"
        },
        "digest": {
            "function_hash": "310137828046498125067131185125838350997",
            "length": 252.0
        },
        "id": "CVE-2019-6978-40692a3e"
    },
    {
        "signature_version": "v1",
        "deprecated": false,
        "source": "https://github.com/libgd/libgd/commit/553702980ae89c83f2d6e254d62cf82e204956d0",
        "signature_type": "Function",
        "target": {
            "function": "gdImageJpegPtr",
            "file": "src/gd_jpeg.c"
        },
        "digest": {
            "function_hash": "177339278172706910585208812929466795856",
            "length": 252.0
        },
        "id": "CVE-2019-6978-a23cf1aa"
    },
    {
        "signature_version": "v1",
        "deprecated": false,
        "source": "https://github.com/libgd/libgd/commit/553702980ae89c83f2d6e254d62cf82e204956d0",
        "signature_type": "Line",
        "target": {
            "file": "src/gd_gif_out.c"
        },
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "313489793847174263116353613279088032662",
                "77175195467114354362424537456180310303",
                "317253520221055736381704389102526221600",
                "174271734603876711979082048541624209002",
                "202112744409901252928626606599438321111",
                "325528340744038660830380969630764909247",
                "311353505228934435246073361686233632599",
                "113470114409076747680286142819285863266",
                "214827399723281619403636192615871224041",
                "96710189774890780092161856793015120092",
                "91264835610843557957957248409030029540",
                "283137986004142284261318850153523187342",
                "321233400156210747451138247297490375232",
                "335824401784257224250551711078879794181",
                "287513714235459948080809438857018132028",
                "47695802739225729596141603378143207977",
                "286706662957834193113591021119508677878",
                "287444864490330366548353383296746691678",
                "282183962327612283279302963557365846832",
                "166393682546613005542574617434310068378"
            ]
        },
        "id": "CVE-2019-6978-b05f363b"
    },
    {
        "signature_version": "v1",
        "deprecated": false,
        "source": "https://github.com/libgd/libgd/commit/553702980ae89c83f2d6e254d62cf82e204956d0",
        "signature_type": "Line",
        "target": {
            "file": "src/gd_jpeg.c"
        },
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "17298258251191293258763636816924187013",
                "287489779689604771174966749904784909916",
                "317845287329750453896035076073882058719",
                "337292611167654240836067702314357617758",
                "123046874969727043012819024804458612412",
                "267145984315437156487272218820784718394",
                "169716899741328006388913199191037988062",
                "113470114409076747680286142819285863266",
                "321802689434163186081473185620801709093",
                "293587497156982751284626056650800867853",
                "233968861811893801373510569930896407063",
                "229150919373295212814481273339665450598",
                "324812528127307086440606242642135555329",
                "77036419748754613350466331170520901289",
                "170843414304609867087371776433969510919",
                "55798560331571116897938284176038048006",
                "59218394426712755699745125668377226194",
                "246615748348509609972184333186269202322",
                "210557549136761450109283157291505259439",
                "53910147842568629468490686660221785270",
                "48565961860108771154495146959169949752",
                "237598552096910878146301364183212749614",
                "57074210151970652111598269110657490297",
                "68965124363846818538755454109844535639"
            ]
        },
        "id": "CVE-2019-6978-eb0f5f61"
    },
    {
        "signature_version": "v1",
        "deprecated": false,
        "source": "https://github.com/libgd/libgd/commit/553702980ae89c83f2d6e254d62cf82e204956d0",
        "signature_type": "Function",
        "target": {
            "function": "gdImageGifPtr",
            "file": "src/gd_gif_out.c"
        },
        "digest": {
            "function_hash": "223404107734624752233597713078749194338",
            "length": 230.0
        },
        "id": "CVE-2019-6978-f5425777"
    },
    {
        "signature_version": "v1",
        "deprecated": false,
        "source": "https://github.com/libgd/libgd/commit/553702980ae89c83f2d6e254d62cf82e204956d0",
        "signature_type": "Function",
        "target": {
            "function": "gdImageWBMPCtx",
            "file": "src/gd_wbmp.c"
        },
        "digest": {
            "function_hash": "288102288542096744908717740493584686557",
            "length": 568.0
        },
        "id": "CVE-2019-6978-faff0e10"
    }
]

Git / github.com/php/php-src

Affected ranges

Type
GIT
Repo
https://github.com/php/php-src
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed

Affected versions

Other

NEWS
NEWS-cvs2svn
POST_64BIT_BRANCH_MERGE
POST_AST_MERGE
POST_NATIVE_TLS_MERGE
POST_PHP7_EREG_MYSQL_REMOVALS
POST_PHP7_NSAPI_REMOVAL
POST_PHP7_REMOVALS
POST_PHPNG_MERGE
PRE_64BIT_BRANCH_MERGE
PRE_AST_MERGE
PRE_NATIVE_TLS_MERGE
PRE_PHP7_EREG_MYSQL_REMOVALS
PRE_PHP7_NSAPI_REMOVAL
PRE_PHP7_REMOVALS
PRE_PHPNG_MERGE

php-5.*

php-5.3.23RC1
php-5.3.29
php-5.3.29RC1
php-5.4.30RC1
php-5.4.32RC1
php-5.4.4RC2
php-5.5.24RC1
php-5.6.18RC1
php-5.6.19RC1
php-5.6.22RC1
php-5.6.23RC1
php-5.6.24RC1

php-7.*

php-7.0.11RC1
php-7.0.12RC1
php-7.0.13RC1
php-7.0.3RC1
php-7.0.4RC1
php-7.0.5RC1
php-7.0.7RC1
php-7.0.8RC1
php-7.0.9RC1
php-7.1.0alpha2

Database specific

vanir_signatures

[
    {
        "signature_version": "v1",
        "deprecated": false,
        "source": "https://github.com/php/php-src/commit/089f7c0bc28d399b0420aa6ef058e4c1c120b2ae",
        "signature_type": "Function",
        "target": {
            "function": "gdImageGifCtx",
            "file": "ext/gd/libgd/gd_gif_out.c"
        },
        "digest": {
            "function_hash": "275896152944056985094549263111297991138",
            "length": 433.0
        },
        "id": "CVE-2019-6978-2e0b8712"
    },
    {
        "signature_version": "v1",
        "deprecated": false,
        "source": "https://github.com/php/php-src/commit/089f7c0bc28d399b0420aa6ef058e4c1c120b2ae",
        "signature_type": "Line",
        "target": {
            "file": "ext/gd/libgd/gd_wbmp.c"
        },
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "19651959449158235032978597245512963024",
                "294714777056557192024210824448450261473",
                "230450510658944580537388532969974356328",
                "107313296107938168886995965059128237513",
                "228274600237842458120256997038278301450",
                "324496183297757856389783803601595351774",
                "184250979163212917318712091180863427252",
                "270507458710422430336350167388167736930",
                "168414150809866723829468024954727721112",
                "6907418261553886065548764322470579380",
                "14383629774140824238052912025675724862",
                "250326204507059287597394462741589954653",
                "214674947768922233576350305125147980598",
                "331943686495221907806917212615313552630",
                "28476157422038527216037567195136414707",
                "237763104887679373999098358144977038021",
                "319291730546104110404068620813350682844",
                "113470114409076747680286142819285863266"
            ]
        },
        "id": "CVE-2019-6978-30a03384"
    },
    {
        "signature_version": "v1",
        "deprecated": false,
        "source": "https://github.com/php/php-src/commit/089f7c0bc28d399b0420aa6ef058e4c1c120b2ae",
        "signature_type": "Function",
        "target": {
            "function": "gdImageJpegCtx",
            "file": "ext/gd/libgd/gd_jpeg.c"
        },
        "digest": {
            "function_hash": "128746927226974378866067506552552918355",
            "length": 3193.0
        },
        "id": "CVE-2019-6978-378e66ad"
    },
    {
        "signature_version": "v1",
        "deprecated": false,
        "source": "https://github.com/php/php-src/commit/089f7c0bc28d399b0420aa6ef058e4c1c120b2ae",
        "signature_type": "Function",
        "target": {
            "function": "gdImageJpegPtr",
            "file": "ext/gd/libgd/gd_jpeg.c"
        },
        "digest": {
            "function_hash": "306376773652709971650450231230172921914",
            "length": 227.0
        },
        "id": "CVE-2019-6978-75006a8c"
    },
    {
        "signature_version": "v1",
        "deprecated": false,
        "source": "https://github.com/php/php-src/commit/089f7c0bc28d399b0420aa6ef058e4c1c120b2ae",
        "signature_type": "Function",
        "target": {
            "function": "gdImageWBMPPtr",
            "file": "ext/gd/libgd/gd_wbmp.c"
        },
        "digest": {
            "function_hash": "233103623135625103093034945139492330813",
            "length": 227.0
        },
        "id": "CVE-2019-6978-79b3172d"
    },
    {
        "signature_version": "v1",
        "deprecated": false,
        "source": "https://github.com/php/php-src/commit/089f7c0bc28d399b0420aa6ef058e4c1c120b2ae",
        "signature_type": "Line",
        "target": {
            "file": "ext/gd/libgd/gd_gif_out.c"
        },
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "87312630695593645696930074736148579905",
                "77974528691838292440483426625820037856",
                "73194525587671539524897398988101101174",
                "124861356587019927570173305810789046826",
                "20320755833102714392409507358147685661",
                "52463910736497406696218380243795722142",
                "108759381254030998926274141921660726081",
                "239128638421564246491389787623215173636",
                "311353505228934435246073361686233632599",
                "113470114409076747680286142819285863266",
                "170978390514210655515957869460424834105",
                "300380864255268938892573184047315833597",
                "296082569431922759382074523240273745456",
                "159233346737640363834095152472822046055",
                "321233400156210747451138247297490375232",
                "335824401784257224250551711078879794181",
                "287513714235459948080809438857018132028",
                "47695802739225729596141603378143207977",
                "286706662957834193113591021119508677878",
                "287444864490330366548353383296746691678",
                "298347623370276609077740959924761009712",
                "20147872954352246875322086532193908788"
            ]
        },
        "id": "CVE-2019-6978-8cef24f0"
    },
    {
        "signature_version": "v1",
        "deprecated": false,
        "source": "https://github.com/php/php-src/commit/089f7c0bc28d399b0420aa6ef058e4c1c120b2ae",
        "signature_type": "Line",
        "target": {
            "file": "ext/gd/libgd/gd_jpeg.c"
        },
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "132437682783016292290041624222705014583",
                "134090864583588528721731217752000820681",
                "227542059130736856786570048228746214817",
                "147734710479934747287389144538691759644",
                "205543701889930755889600819457795705865",
                "293297447526393879884600812746129167386",
                "169716899741328006388913199191037988062",
                "113470114409076747680286142819285863266",
                "219351463968913007017213782815583287748",
                "8276487751244779450199141735432458825",
                "120961855793319075469629889561237538255",
                "43490983461877523009654489938348474146",
                "324812528127307086440606242642135555329",
                "77036419748754613350466331170520901289",
                "169988389853261194811325739746164010442",
                "67252026344498111036459030983546200803",
                "48565961860108771154495146959169949752",
                "237598552096910878146301364183212749614",
                "324262008133052167509329373808079827314",
                "106857909774877358049452048299284946698"
            ]
        },
        "id": "CVE-2019-6978-af6a77a9"
    },
    {
        "signature_version": "v1",
        "deprecated": false,
        "source": "https://github.com/php/php-src/commit/089f7c0bc28d399b0420aa6ef058e4c1c120b2ae",
        "signature_type": "Function",
        "target": {
            "function": "gdImageWBMPCtx",
            "file": "ext/gd/libgd/gd_wbmp.c"
        },
        "digest": {
            "function_hash": "277579775599658773944258741276004248117",
            "length": 570.0
        },
        "id": "CVE-2019-6978-c681eebe"
    },
    {
        "signature_version": "v1",
        "deprecated": false,
        "source": "https://github.com/php/php-src/commit/089f7c0bc28d399b0420aa6ef058e4c1c120b2ae",
        "signature_type": "Function",
        "target": {
            "function": "gdImageGifPtr",
            "file": "ext/gd/libgd/gd_gif_out.c"
        },
        "digest": {
            "function_hash": "191198993094894939001135986403663751294",
            "length": 205.0
        },
        "id": "CVE-2019-6978-c8deae61"
    }
]