CVE-2019-6978

Source
https://nvd.nist.gov/vuln/detail/CVE-2019-6978
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-6978.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2019-6978
Downstream
Related
Published
2019-01-28T08:29:00Z
Modified
2025-09-30T02:20:07.482568Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

The GD Graphics Library (aka LibGD) 2.2.5 has a double free in the gdImage*Ptr() functions in gd_gif_out.c, gd_jpeg.c, and gd_wbmp.c. NOTE: PHP is unaffected.

References

Affected packages

Git / github.com/libgd/libgd

Affected ranges

Type
GIT
Repo
https://github.com/libgd/libgd
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Type
GIT
Repo
https://github.com/php/php-src
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed

Affected versions

Other

GD_1_3_0
GD_1_4_0
GD_1_5_0
GD_1_6_0
GD_1_6_1
GD_1_6_2
GD_1_6_3
GD_1_7_0
GD_1_7_1
GD_1_7_2
GD_1_7_3
GD_1_8_0
GD_1_8_1
GD_1_8_3
GD_1_8_4
GD_2_0_0
GD_2_0_1
GD_2_0_10
GD_2_0_11
GD_2_0_12
GD_2_0_13
GD_2_0_14
GD_2_0_15
GD_2_0_17
GD_2_0_18
GD_2_0_19
GD_2_0_2
GD_2_0_20
GD_2_0_21
GD_2_0_22
GD_2_0_23
GD_2_0_24
GD_2_0_25
GD_2_0_26
GD_2_0_27
GD_2_0_28
GD_2_0_29
GD_2_0_3
GD_2_0_30
GD_2_0_31
GD_2_0_32
GD_2_0_33
GD_2_0_34RC1
GD_2_0_4
GD_2_0_5
GD_2_0_6
GD_2_0_7
GD_2_0_8
GD_2_0_9
NEWS
NEWS-cvs2svn
POST_64BIT_BRANCH_MERGE
POST_AST_MERGE
POST_NATIVE_TLS_MERGE
POST_PHP7_EREG_MYSQL_REMOVALS
POST_PHP7_NSAPI_REMOVAL
POST_PHP7_REMOVALS
POST_PHPNG_MERGE
PRE_64BIT_BRANCH_MERGE
PRE_AST_MERGE
PRE_NATIVE_TLS_MERGE
PRE_PHP7_EREG_MYSQL_REMOVALS
PRE_PHP7_NSAPI_REMOVAL
PRE_PHP7_REMOVALS
PRE_PHPNG_MERGE

gd-2.*

gd-2.1.0
gd-2.1.0-alpha1
gd-2.1.0-rc1
gd-2.1.0-rc2
gd-2.1.1
gd-2.2.0
gd-2.2.1

php-5.*

php-5.3.23RC1
php-5.3.29
php-5.3.29RC1
php-5.4.30RC1
php-5.4.32RC1
php-5.4.4RC2
php-5.5.24RC1
php-5.6.18RC1
php-5.6.19RC1
php-5.6.22RC1
php-5.6.23RC1
php-5.6.24RC1

php-7.*

php-7.0.11RC1
php-7.0.12RC1
php-7.0.13RC1
php-7.0.3RC1
php-7.0.4RC1
php-7.0.5RC1
php-7.0.7RC1
php-7.0.8RC1
php-7.0.9RC1
php-7.1.0alpha2

Database specific

{
    "vanir_signatures": [
        {
            "deprecated": false,
            "target": {
                "function": "gdImageGifCtx",
                "file": "src/gd_gif_out.c"
            },
            "source": "https://github.com/libgd/libgd/commit/553702980ae89c83f2d6e254d62cf82e204956d0",
            "digest": {
                "function_hash": "73669897427677809406459109248086572317",
                "length": 420.0
            },
            "id": "CVE-2019-6978-1103a7e0",
            "signature_version": "v1",
            "signature_type": "Function"
        },
        {
            "deprecated": false,
            "target": {
                "function": "gdImageJpegCtx",
                "file": "src/gd_jpeg.c"
            },
            "source": "https://github.com/libgd/libgd/commit/553702980ae89c83f2d6e254d62cf82e204956d0",
            "digest": {
                "function_hash": "67962746548657808604095966200889547021",
                "length": 4045.0
            },
            "id": "CVE-2019-6978-14d43338",
            "signature_version": "v1",
            "signature_type": "Function"
        },
        {
            "deprecated": false,
            "target": {
                "function": "gdImageGifCtx",
                "file": "ext/gd/libgd/gd_gif_out.c"
            },
            "source": "https://github.com/php/php-src/commit/089f7c0bc28d399b0420aa6ef058e4c1c120b2ae",
            "digest": {
                "function_hash": "275896152944056985094549263111297991138",
                "length": 433.0
            },
            "id": "CVE-2019-6978-2e0b8712",
            "signature_version": "v1",
            "signature_type": "Function"
        },
        {
            "deprecated": false,
            "target": {
                "file": "ext/gd/libgd/gd_wbmp.c"
            },
            "source": "https://github.com/php/php-src/commit/089f7c0bc28d399b0420aa6ef058e4c1c120b2ae",
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "19651959449158235032978597245512963024",
                    "294714777056557192024210824448450261473",
                    "230450510658944580537388532969974356328",
                    "107313296107938168886995965059128237513",
                    "228274600237842458120256997038278301450",
                    "324496183297757856389783803601595351774",
                    "184250979163212917318712091180863427252",
                    "270507458710422430336350167388167736930",
                    "168414150809866723829468024954727721112",
                    "6907418261553886065548764322470579380",
                    "14383629774140824238052912025675724862",
                    "250326204507059287597394462741589954653",
                    "214674947768922233576350305125147980598",
                    "331943686495221907806917212615313552630",
                    "28476157422038527216037567195136414707",
                    "237763104887679373999098358144977038021",
                    "319291730546104110404068620813350682844",
                    "113470114409076747680286142819285863266"
                ]
            },
            "id": "CVE-2019-6978-30a03384",
            "signature_version": "v1",
            "signature_type": "Line"
        },
        {
            "deprecated": false,
            "target": {
                "function": "gdImageJpegCtx",
                "file": "ext/gd/libgd/gd_jpeg.c"
            },
            "source": "https://github.com/php/php-src/commit/089f7c0bc28d399b0420aa6ef058e4c1c120b2ae",
            "digest": {
                "function_hash": "128746927226974378866067506552552918355",
                "length": 3193.0
            },
            "id": "CVE-2019-6978-378e66ad",
            "signature_version": "v1",
            "signature_type": "Function"
        },
        {
            "deprecated": false,
            "target": {
                "file": "src/gd_wbmp.c"
            },
            "source": "https://github.com/libgd/libgd/commit/553702980ae89c83f2d6e254d62cf82e204956d0",
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "73321661324459895908597955010084804784",
                    "187916382817915030519167801468652181022",
                    "38175124439509039761373901122901768180",
                    "287392254799148189314716234748061938750",
                    "139685205050848806812636386066260729900",
                    "160581066299419984515885128146021169037",
                    "196428988387474838349678337868463266115",
                    "270507458710422430336350167388167736930",
                    "168414150809866723829468024954727721112",
                    "107204543989011579765093231851483476423",
                    "325787918952113342782007638869706208356",
                    "122720985368456408105157438526248066540",
                    "111039815623080080593200785522132056946",
                    "282055384616729822594242177012151994140",
                    "240840118927208583836317864425892949001",
                    "148961733259745995844079711282917524194",
                    "170383651322725312902254469709707062586",
                    "72551849922573848649858937555260463260",
                    "319291730546104110404068620813350682844",
                    "113470114409076747680286142819285863266"
                ]
            },
            "id": "CVE-2019-6978-3968c133",
            "signature_version": "v1",
            "signature_type": "Line"
        },
        {
            "deprecated": false,
            "target": {
                "function": "gdImageWBMPPtr",
                "file": "src/gd_wbmp.c"
            },
            "source": "https://github.com/libgd/libgd/commit/553702980ae89c83f2d6e254d62cf82e204956d0",
            "digest": {
                "function_hash": "310137828046498125067131185125838350997",
                "length": 252.0
            },
            "id": "CVE-2019-6978-40692a3e",
            "signature_version": "v1",
            "signature_type": "Function"
        },
        {
            "deprecated": false,
            "target": {
                "function": "gdImageJpegPtr",
                "file": "ext/gd/libgd/gd_jpeg.c"
            },
            "source": "https://github.com/php/php-src/commit/089f7c0bc28d399b0420aa6ef058e4c1c120b2ae",
            "digest": {
                "function_hash": "306376773652709971650450231230172921914",
                "length": 227.0
            },
            "id": "CVE-2019-6978-75006a8c",
            "signature_version": "v1",
            "signature_type": "Function"
        },
        {
            "deprecated": false,
            "target": {
                "function": "gdImageWBMPPtr",
                "file": "ext/gd/libgd/gd_wbmp.c"
            },
            "source": "https://github.com/php/php-src/commit/089f7c0bc28d399b0420aa6ef058e4c1c120b2ae",
            "digest": {
                "function_hash": "233103623135625103093034945139492330813",
                "length": 227.0
            },
            "id": "CVE-2019-6978-79b3172d",
            "signature_version": "v1",
            "signature_type": "Function"
        },
        {
            "deprecated": false,
            "target": {
                "file": "ext/gd/libgd/gd_gif_out.c"
            },
            "source": "https://github.com/php/php-src/commit/089f7c0bc28d399b0420aa6ef058e4c1c120b2ae",
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "87312630695593645696930074736148579905",
                    "77974528691838292440483426625820037856",
                    "73194525587671539524897398988101101174",
                    "124861356587019927570173305810789046826",
                    "20320755833102714392409507358147685661",
                    "52463910736497406696218380243795722142",
                    "108759381254030998926274141921660726081",
                    "239128638421564246491389787623215173636",
                    "311353505228934435246073361686233632599",
                    "113470114409076747680286142819285863266",
                    "170978390514210655515957869460424834105",
                    "300380864255268938892573184047315833597",
                    "296082569431922759382074523240273745456",
                    "159233346737640363834095152472822046055",
                    "321233400156210747451138247297490375232",
                    "335824401784257224250551711078879794181",
                    "287513714235459948080809438857018132028",
                    "47695802739225729596141603378143207977",
                    "286706662957834193113591021119508677878",
                    "287444864490330366548353383296746691678",
                    "298347623370276609077740959924761009712",
                    "20147872954352246875322086532193908788"
                ]
            },
            "id": "CVE-2019-6978-8cef24f0",
            "signature_version": "v1",
            "signature_type": "Line"
        },
        {
            "deprecated": false,
            "target": {
                "function": "gdImageJpegPtr",
                "file": "src/gd_jpeg.c"
            },
            "source": "https://github.com/libgd/libgd/commit/553702980ae89c83f2d6e254d62cf82e204956d0",
            "digest": {
                "function_hash": "177339278172706910585208812929466795856",
                "length": 252.0
            },
            "id": "CVE-2019-6978-a23cf1aa",
            "signature_version": "v1",
            "signature_type": "Function"
        },
        {
            "deprecated": false,
            "target": {
                "file": "ext/gd/libgd/gd_jpeg.c"
            },
            "source": "https://github.com/php/php-src/commit/089f7c0bc28d399b0420aa6ef058e4c1c120b2ae",
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "132437682783016292290041624222705014583",
                    "134090864583588528721731217752000820681",
                    "227542059130736856786570048228746214817",
                    "147734710479934747287389144538691759644",
                    "205543701889930755889600819457795705865",
                    "293297447526393879884600812746129167386",
                    "169716899741328006388913199191037988062",
                    "113470114409076747680286142819285863266",
                    "219351463968913007017213782815583287748",
                    "8276487751244779450199141735432458825",
                    "120961855793319075469629889561237538255",
                    "43490983461877523009654489938348474146",
                    "324812528127307086440606242642135555329",
                    "77036419748754613350466331170520901289",
                    "169988389853261194811325739746164010442",
                    "67252026344498111036459030983546200803",
                    "48565961860108771154495146959169949752",
                    "237598552096910878146301364183212749614",
                    "324262008133052167509329373808079827314",
                    "106857909774877358049452048299284946698"
                ]
            },
            "id": "CVE-2019-6978-af6a77a9",
            "signature_version": "v1",
            "signature_type": "Line"
        },
        {
            "deprecated": false,
            "target": {
                "file": "src/gd_gif_out.c"
            },
            "source": "https://github.com/libgd/libgd/commit/553702980ae89c83f2d6e254d62cf82e204956d0",
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "313489793847174263116353613279088032662",
                    "77175195467114354362424537456180310303",
                    "317253520221055736381704389102526221600",
                    "174271734603876711979082048541624209002",
                    "202112744409901252928626606599438321111",
                    "325528340744038660830380969630764909247",
                    "311353505228934435246073361686233632599",
                    "113470114409076747680286142819285863266",
                    "214827399723281619403636192615871224041",
                    "96710189774890780092161856793015120092",
                    "91264835610843557957957248409030029540",
                    "283137986004142284261318850153523187342",
                    "321233400156210747451138247297490375232",
                    "335824401784257224250551711078879794181",
                    "287513714235459948080809438857018132028",
                    "47695802739225729596141603378143207977",
                    "286706662957834193113591021119508677878",
                    "287444864490330366548353383296746691678",
                    "282183962327612283279302963557365846832",
                    "166393682546613005542574617434310068378"
                ]
            },
            "id": "CVE-2019-6978-b05f363b",
            "signature_version": "v1",
            "signature_type": "Line"
        },
        {
            "deprecated": false,
            "target": {
                "function": "gdImageWBMPCtx",
                "file": "ext/gd/libgd/gd_wbmp.c"
            },
            "source": "https://github.com/php/php-src/commit/089f7c0bc28d399b0420aa6ef058e4c1c120b2ae",
            "digest": {
                "function_hash": "277579775599658773944258741276004248117",
                "length": 570.0
            },
            "id": "CVE-2019-6978-c681eebe",
            "signature_version": "v1",
            "signature_type": "Function"
        },
        {
            "deprecated": false,
            "target": {
                "function": "gdImageGifPtr",
                "file": "ext/gd/libgd/gd_gif_out.c"
            },
            "source": "https://github.com/php/php-src/commit/089f7c0bc28d399b0420aa6ef058e4c1c120b2ae",
            "digest": {
                "function_hash": "191198993094894939001135986403663751294",
                "length": 205.0
            },
            "id": "CVE-2019-6978-c8deae61",
            "signature_version": "v1",
            "signature_type": "Function"
        },
        {
            "deprecated": false,
            "target": {
                "file": "src/gd_jpeg.c"
            },
            "source": "https://github.com/libgd/libgd/commit/553702980ae89c83f2d6e254d62cf82e204956d0",
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "17298258251191293258763636816924187013",
                    "287489779689604771174966749904784909916",
                    "317845287329750453896035076073882058719",
                    "337292611167654240836067702314357617758",
                    "123046874969727043012819024804458612412",
                    "267145984315437156487272218820784718394",
                    "169716899741328006388913199191037988062",
                    "113470114409076747680286142819285863266",
                    "321802689434163186081473185620801709093",
                    "293587497156982751284626056650800867853",
                    "233968861811893801373510569930896407063",
                    "229150919373295212814481273339665450598",
                    "324812528127307086440606242642135555329",
                    "77036419748754613350466331170520901289",
                    "170843414304609867087371776433969510919",
                    "55798560331571116897938284176038048006",
                    "59218394426712755699745125668377226194",
                    "246615748348509609972184333186269202322",
                    "210557549136761450109283157291505259439",
                    "53910147842568629468490686660221785270",
                    "48565961860108771154495146959169949752",
                    "237598552096910878146301364183212749614",
                    "57074210151970652111598269110657490297",
                    "68965124363846818538755454109844535639"
                ]
            },
            "id": "CVE-2019-6978-eb0f5f61",
            "signature_version": "v1",
            "signature_type": "Line"
        },
        {
            "deprecated": false,
            "target": {
                "function": "gdImageGifPtr",
                "file": "src/gd_gif_out.c"
            },
            "source": "https://github.com/libgd/libgd/commit/553702980ae89c83f2d6e254d62cf82e204956d0",
            "digest": {
                "function_hash": "223404107734624752233597713078749194338",
                "length": 230.0
            },
            "id": "CVE-2019-6978-f5425777",
            "signature_version": "v1",
            "signature_type": "Function"
        },
        {
            "deprecated": false,
            "target": {
                "function": "gdImageWBMPCtx",
                "file": "src/gd_wbmp.c"
            },
            "source": "https://github.com/libgd/libgd/commit/553702980ae89c83f2d6e254d62cf82e204956d0",
            "digest": {
                "function_hash": "288102288542096744908717740493584686557",
                "length": 568.0
            },
            "id": "CVE-2019-6978-faff0e10",
            "signature_version": "v1",
            "signature_type": "Function"
        }
    ]
}