Advisories » MGASA-2018-0367

Updated libgd packages fix security vulnerabilities

Publication date: 02 Sep 2018
Modification date: 02 Sep 2018
Type: security
Affected Mageia releases : 6
CVE: CVE-2018-5711 , CVE-2018-1000222

Description

The updated packages fix security vulnerabilities:

gd_gif_in.c in the GD Graphics Library (aka libgd), as used in PHP before
5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1,
has an integer signedness error that leads to an infinite loop via a
crafted GIF file, as demonstrated by a call to the imagecreatefromgif or
imagecreatefromstring PHP function. This is related to GetCode_ and
gdImageCreateFromGifCtx (CVE-2018-5711).

Libgd version 2.2.5 contains a Double Free Vulnerability vulnerability in
gdImageBmpPtr Function that can result in Remote Code Execution . This
attack appear to be exploitable via Specially Crafted Jpeg Image can
trigger double free (CVE-2018-1000222).
                

References

• https://bugs.mageia.org/show_bug.cgi?id=23496
• https://usn.ubuntu.com/3755-1/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5711
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000222

SRPMS

6/core

• libgd-2.2.5-2.1.mga6