USN-5554-1: GDK-PixBuf vulnerability
Publication date
8 August 2022
Overview
GDK-PixBuf could be made to crash or run programs as your login if it opened a specially crafted file.
Releases
Packages
- gdk-pixbuf - GDK Pixbuf library
Details
Pedro Ribeiro discovered that the GDK-PixBuf library did not properly
handle certain GIF images. If an user or automated system were tricked into
opening a specially crafted GIF file, a remote attacker could use this flaw
to cause GDK-PixBuf to crash, resulting in a denial of service, or possibly
execute arbitrary code.
Pedro Ribeiro discovered that the GDK-PixBuf library did not properly
handle certain GIF images. If an user or automated system were tricked into
opening a specially crafted GIF file, a remote attacker could use this flaw
to cause GDK-PixBuf to crash, resulting in a denial of service, or possibly
execute arbitrary code.
Update instructions
After a standard system update you need to restart your session to make all the necessary changes.
Learn more about how to get the fixes.The problem can be corrected by updating your system to the following package versions:
| Ubuntu Release | Package Version | ||
|---|---|---|---|
| 20.04 LTS focal | libgdk-pixbuf2.0-0 – 2.40.0+dfsg-3ubuntu0.3 | ||
Reduce your security exposure
Ubuntu Pro provides ten-year security coverage to 25,000+ packages in Main and Universe repositories, and it is free for up to five machines.