CVE-2019-17534

Published: Oct 13, 2019Modified: Nov 21, 2024

8.8

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Exploitability: 2.8 / Impact: 5.9

Source: NVD

Description

vips_foreign_load_gif_scan_image in foreign/gifload.c in libvips before 8.8.2 tries to access a color map before a DGifGetImageDesc call, leading to a use-after-free.

Affected (1)

Products: Libvips: Libvips

Libvips

1 product

Libvips

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Libvips Libvips	Before 8.8.2

Related CWEs

CWE-416

Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

References (6)

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16796

Source: cve@mitre.org

ExploitIssue TrackingThird Party Advisory

https://github.com/libvips/libvips/commit/ce684dd008532ea0bf9d4a1d89bacb35f4a83f4d

Source: cve@mitre.org

Patch

https://github.com/libvips/libvips/compare/v8.8.1...v8.8.2

Source: cve@mitre.org

Patch

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16796

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitIssue TrackingThird Party Advisory

https://github.com/libvips/libvips/commit/ce684dd008532ea0bf9d4a1d89bacb35f4a83f4d

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://github.com/libvips/libvips/compare/v8.8.1...v8.8.2

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

Timeline

No history available yet.