Your submission was sent successfully! Close

CVE-2018-11213

Published: 16 May 2018

An issue was discovered in libjpeg 9a. The get_text_gray_row function in rdppm.c allows remote attackers to cause a denial of service (Segmentation fault) via a crafted file.

Priority

Low

CVSS 3 base score: 6.5

Status

Package Release Status
libjpeg-turbo
Launchpad, Ubuntu, Debian
artful Not vulnerable
(1.5.2-0ubuntu5)
bionic Not vulnerable
(1.5.2-0ubuntu5)
cosmic Not vulnerable
(1.5.2-0ubuntu5)
disco Not vulnerable
(1.5.2-0ubuntu5)
eoan Not vulnerable
(1.5.2-0ubuntu5)
focal Not vulnerable
(1.5.2-0ubuntu5)
groovy Not vulnerable
(1.5.2-0ubuntu5)
hirsute Not vulnerable
(1.5.2-0ubuntu5)
impish Not vulnerable
(1.5.2-0ubuntu5)
jammy Not vulnerable
(1.5.2-0ubuntu5)
precise
Released (1.1.90+svn733-0ubuntu4.5)
trusty
Released (1.3.0-0ubuntu2.1)
upstream
Released (1:1.3.1-12+deb8u1, 1:1.4.2-1)
xenial Not vulnerable
(1.4.2-0ubuntu3)
Patches:
upstream: https://github.com/libjpeg-turbo/libjpeg-turbo/commit/6709e4a0cfa44d4f54ee8ad05753d4aa9260cb91
libjpeg6b
Launchpad, Ubuntu, Debian
artful Ignored
(reached end-of-life)
bionic Needed

cosmic Ignored
(reached end-of-life)
disco Ignored
(reached end-of-life)
eoan Ignored
(reached end-of-life)
focal Needed

groovy Ignored
(reached end-of-life)
hirsute Ignored
(reached end-of-life)
impish Needed

jammy Needed

precise Does not exist

trusty
Released (6b1-4ubuntu1+esm1)
upstream Needed

xenial Ignored
(end of standard support, was needed)
libjpeg9
Launchpad, Ubuntu, Debian
artful Ignored
(reached end-of-life)
bionic Needed

cosmic Ignored
(reached end-of-life)
disco Not vulnerable
(1:9c-2)
eoan Not vulnerable
(1:9c-2)
focal Not vulnerable
(1:9c-2)
groovy Not vulnerable
(1:9c-2)
hirsute Not vulnerable
(1:9c-2)
impish Not vulnerable
(1:9c-2)
jammy Not vulnerable
(1:9c-2)
precise Does not exist

trusty Does not exist

upstream
Released (1:9c-1)
xenial Ignored
(end of standard support, was needed)