CVE-2021-40985

Published: 3 November 2021

A stack-based buffer under-read in htmldoc before 1.9.12, allows attackers to cause a denial of service via a crafted BMP image to image_load_bmp.

Priority

CVSS 3 base score: 5.5

Status

Package	Release	Status
htmldoc Launchpad, Ubuntu, Debian	bionic	Needs triage
	focal	Needs triage
	hirsute	Ignored (reached end-of-life)
	impish	Ignored (reached end-of-life)
	jammy	Needs triage
	trusty	Needs triage
	upstream	Needs triage
	xenial	Ignored (out of standard support)

Canonical is offering Ubuntu Extended Security Maintenance (ESM) for security fixes and essential packages.