CVE-2021-40633

Published: Jun 14, 2022Modified: Nov 21, 2024

8.8

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Exploitability: 2.8 / Impact: 5.9

Source: NVD

Description

A memory leak (out-of-memory) in gif2rgb in util/gif2rgb.c in giflib 5.1.4 allows remote attackers trigger an out of memory exception or denial of service via a gif format file.

Affected (1)

Products: Giflib Project: Giflib

Giflib Project

1 product

Giflib

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Giflib Project Giflib	Version 5.1.4

Related CWEs

CWE-401

Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, which slowly consumes remaining memory.

References (2)

https://sourceforge.net/p/giflib/bugs/157/

Source: cve@mitre.org

ExploitIssue TrackingThird Party Advisory

https://sourceforge.net/p/giflib/bugs/157/

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitIssue TrackingThird Party Advisory

Timeline

No history available yet.