CVE-2015-7552

Published: 18 April 2016

Heap-based buffer overflow in the gdk_pixbuf_flip function in gdk-pixbuf-scale.c in gdk-pixbuf 2.30.x allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted BMP file.

Priority

CVSS 3 base score: 7.8

Status

Package	Release	Status
gdk-pixbuf Launchpad, Ubuntu, Debian	Upstream	Released (2.32.0-1)




	Ubuntu 16.04 LTS (Xenial Xerus)	Not vulnerable
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist (trusty was released [2.30.7-0ubuntu1.6])
	Ubuntu 12.04 ESM (Precise Pangolin)	Does not exist (precise was released [2.26.1-1ubuntu1.5])
	Patches: Upstream: https://git.gnome.org/browse/gdk-pixbuf/commit/?id=7b10db13ff370bf2500688054249101ff175a942 Upstream: https://git.gnome.org/browse/gdk-pixbuf/commit/?id=ca74893a8e06e99b4adc682ee1550bfd020687c7 Upstream: https://git.gnome.org/browse/gdk-pixbuf/commit/?id=b7bf6fbfb310fceba2d35d4de143b8d5ffdad990 Upstream: https://git.gnome.org/browse/gdk-pixbuf/commit/?id=4f68cb78a5277f169b9531e6998c00c7976594e4

References

Bugs

https://bugzilla.suse.com/show_bug.cgi?id=958963

Join the discussion

Canonical is offering Extended Security Maintenance

Canonical is offering Ubuntu 14.04 Extended Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM