CVE-2021-4214
Published: 24 August 2022
A heap overflow flaw was found in libpngs' pngimage.c program. This flaw allows an attacker with local network access to pass a specially crafted PNG file to the pngimage utility, causing an application to crash, leading to a denial of service.
Notes
Author | Note |
---|---|
mdeslaur |
The pngimage utility is only used during build to test well-known inputs. It is not shipped in the resulting binary packages, so while the vulnerable code exists in the libpng1.6 source package it is not used in an insecure way and is not present on end-user systems. Marking as not-affected. Code is not compiled at all in firefox. |
Priority
Status
Package | Release | Status |
---|---|---|
chromium-browser
Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(uses system libpng)
|
focal |
Not vulnerable
(uses system libpng)
|
|
impish |
Not vulnerable
(uses system libpng)
|
|
jammy |
Not vulnerable
(uses system libpng)
|
|
trusty |
Does not exist
|
|
upstream |
Needs triage
|
|
xenial |
Not vulnerable
(uses system libpng)
|
|
firefox
Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(code not built)
|
focal |
Not vulnerable
(code not built)
|
|
impish |
Not vulnerable
(code not built)
|
|
jammy |
Not vulnerable
(code not built)
|
|
trusty |
Does not exist
|
|
upstream |
Needs triage
|
|
xenial |
Not vulnerable
(code not built)
|
|
libpng
Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
trusty |
Not vulnerable
(code not present)
|
|
upstream |
Needs triage
|
|
xenial |
Not vulnerable
(code not present)
|
|
libpng1.6
Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(code not shipped)
|
focal |
Not vulnerable
(code not shipped)
|
|
impish |
Not vulnerable
(code not shipped)
|
|
jammy |
Not vulnerable
(code not shipped)
|
|
trusty |
Does not exist
|
|
upstream |
Needs triage
|
|
xenial |
Not vulnerable
(code not shipped)
|
|
thunderbird
Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(code not built)
|
focal |
Not vulnerable
(code not built)
|
|
impish |
Not vulnerable
(code not built)
|
|
jammy |
Not vulnerable
(code not built)
|
|
trusty |
Does not exist
|
|
upstream |
Needs triage
|
|
xenial |
Not vulnerable
(code not built)
|
Severity score breakdown
Parameter | Value |
---|---|
Base score | 5.5 |
Attack vector | Local |
Attack complexity | Low |
Privileges required | None |
User interaction | Required |
Scope | Unchanged |
Confidentiality | None |
Integrity impact | None |
Availability impact | High |
Vector | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |