Multiple integer overflows in the (1) pixopscompositenearest, (2) pixopscompositecolornearest, and (3) pixopsprocess functions in pixops/pixops.c in gdk-pixbuf before 2.33.1 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted image, which triggers a heap-based buffer overflow.
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "gir1.2-gdkpixbuf-2.0": "2.30.7-0ubuntu1.6", "libgdk-pixbuf2.0-0": "2.30.7-0ubuntu1.6", "gir1.2-gdkpixbuf-2.0-dbgsym": "2.30.7-0ubuntu1.6", "libgdk-pixbuf2.0-0-udeb-dbgsym": "2.30.7-0ubuntu1.6", "libgdk-pixbuf2.0-0-dbgsym": "2.30.7-0ubuntu1.6", "libgdk-pixbuf2.0-doc": "2.30.7-0ubuntu1.6", "libgdk-pixbuf2.0-common": "2.30.7-0ubuntu1.6", "libgdk-pixbuf2.0-0-udeb": "2.30.7-0ubuntu1.6", "libgdk-pixbuf2.0-dev-dbgsym": "2.30.7-0ubuntu1.6", "libgdk-pixbuf2.0-0-dbg": "2.30.7-0ubuntu1.6", "libgdk-pixbuf2.0-dev": "2.30.7-0ubuntu1.6" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "gir1.2-gdkpixbuf-2.0": "2.32.2-1ubuntu1", "libgdk-pixbuf2.0-0": "2.32.2-1ubuntu1", "gir1.2-gdkpixbuf-2.0-dbgsym": "2.32.2-1ubuntu1", "libgdk-pixbuf2.0-0-udeb-dbgsym": "2.32.2-1ubuntu1", "libgdk-pixbuf2.0-0-dbgsym": "2.32.2-1ubuntu1", "libgdk-pixbuf2.0-doc": "2.32.2-1ubuntu1", "libgdk-pixbuf2.0-common": "2.32.2-1ubuntu1", "libgdk-pixbuf2.0-0-udeb": "2.32.2-1ubuntu1", "libgdk-pixbuf2.0-dev-dbgsym": "2.32.2-1ubuntu1", "libgdk-pixbuf2.0-0-dbg": "2.32.2-1ubuntu1", "libgdk-pixbuf2.0-dev": "2.32.2-1ubuntu1" } ] }