In libpng 1.6.34, a wrong calculation of rowfactor in the pngcheckchunklength function (pngrutil.c) may trigger an integer overflow and resultant divide-by-zero while processing a crafted PNG file, leading to a denial of service.
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "libpng-dev": "1.6.34-1ubuntu0.18.04.1", "libpng16-16-udeb": "1.6.34-1ubuntu0.18.04.1", "libpng-tools": "1.6.34-1ubuntu0.18.04.1", "libpng-tools-dbgsym": "1.6.34-1ubuntu0.18.04.1", "libpng16-16": "1.6.34-1ubuntu0.18.04.1", "libpng16-16-dbgsym": "1.6.34-1ubuntu0.18.04.1" } ] }