Your submission was sent successfully! Close

CVE-2015-8126

Published: 12 November 2015

Multiple buffer overflows in the (1) png_set_PLTE and (2) png_get_PLTE functions in libpng before 1.0.64, 1.1.x and 1.2.x before 1.2.54, 1.3.x and 1.4.x before 1.4.17, 1.5.x before 1.5.24, and 1.6.x before 1.6.19 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a small bit-depth value in an IHDR (aka image header) chunk in a PNG image.

Notes

AuthorNote
chriscoulson
upstream firefox doesn't use png_set_PLTE, see
https://bugzilla.mozilla.org/show_bug.cgi?id=1224244#c0
Priority

Medium

Status

Package Release Status
chromium-browser
Launchpad, Ubuntu, Debian
precise Not vulnerable
(uses system libpng)
trusty Does not exist
(trusty was not-affected [uses system libpng])
upstream Needs triage

vivid Not vulnerable
(uses system libpng)
wily Not vulnerable
(uses system libpng)
firefox
Launchpad, Ubuntu, Debian
precise Not vulnerable
(see note)
trusty Does not exist
(trusty was not-affected [see note])
upstream Not vulnerable
(see note)
vivid Not vulnerable
(see note)
wily Not vulnerable
(see note)
libpng
Launchpad, Ubuntu, Debian
precise
Released (1.2.46-3ubuntu4.1)
trusty
Released (1.2.50-1ubuntu2.14.04.1)
upstream
Released (1.6.19, 1.5.24, 1.4.17, 1.2.54, 1.0.64)
vivid
Released (1.2.51-0ubuntu3.15.04.1)
wily
Released (1.2.51-0ubuntu3.15.10.1)
Patches:
upstream: https://github.com/glennrp/libpng/commit/475bab6170f651b9863e9fc1b8ffd6cd89a45aa0
upstream: https://github.com/glennrp/libpng/commit/3939689e7d9d06ee05411210bc8e605adcff294e
upstream: https://github.com/glennrp/libpng/commit/216dbf7f7eef5d999f2e3ba054407917098e9f85
openjdk-6
Launchpad, Ubuntu, Debian
precise Not vulnerable
(uses system libpng)
trusty Does not exist
(trusty was not-affected [uses system libpng])
upstream Needs triage

vivid Not vulnerable
(uses system libpng)
wily Not vulnerable
(uses system libpng)
openjdk-7
Launchpad, Ubuntu, Debian
precise Not vulnerable
(uses system libpng)
trusty Does not exist
(trusty was not-affected [uses system libpng])
upstream Needs triage

vivid Not vulnerable
(uses system libpng)
wily Not vulnerable
(uses system libpng)
openjdk-8
Launchpad, Ubuntu, Debian
precise Does not exist

trusty Does not exist

upstream Needs triage

vivid Not vulnerable
(uses system libpng)
wily Not vulnerable
(uses system libpng)
thunderbird
Launchpad, Ubuntu, Debian
precise Not vulnerable
(see note)
trusty Does not exist
(trusty was not-affected [see note])
upstream Not vulnerable
(see note)
vivid Not vulnerable
(see note)
wily Not vulnerable
(see note)