Libgd version 2.2.5 contains a Double Free Vulnerability vulnerability in gdImageBmpPtr Function that can result in Remote Code Execution . This attack appear to be exploitable via Specially Crafted Jpeg Image can trigger double free. This vulnerability appears to have been fixed in after commit ac16bdf2d41724b5a65255d4c28fb0ec46bc42f5.
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "libgd2-xpm-dev": "2.1.0-3ubuntu0.10", "libgd-dev": "2.1.0-3ubuntu0.10", "libgd3-dbgsym": "2.1.0-3ubuntu0.10", "libgd3": "2.1.0-3ubuntu0.10", "libgd-dbg": "2.1.0-3ubuntu0.10", "libgd2-noxpm-dev": "2.1.0-3ubuntu0.10", "libgd-tools": "2.1.0-3ubuntu0.10", "libgd-tools-dbgsym": "2.1.0-3ubuntu0.10" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "libgd-dev": "2.1.1-4ubuntu0.16.04.10", "libgd3-dbgsym": "2.1.1-4ubuntu0.16.04.10", "libgd3": "2.1.1-4ubuntu0.16.04.10", "libgd-dbg": "2.1.1-4ubuntu0.16.04.10", "libgd-dev-dbgsym": "2.1.1-4ubuntu0.16.04.10", "libgd-tools": "2.1.1-4ubuntu0.16.04.10", "libgd-tools-dbgsym": "2.1.1-4ubuntu0.16.04.10" } ] }