Vulnerability CVE-2018-13785: Information
Description
In libpng 1.6.34, a wrong calculation of row_factor in the png_check_chunk_length function (pngrutil.c) may trigger an integer overflow and resultant divide-by-zero while processing a crafted PNG file, leading to a denial of service.
Severity: MEDIUM (6.5)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Published: July 9, 2018
Modified: June 27, 2022
Fixed packages
Package name | Branch | Fixed in version | Version from repository | Errata ID | Task # | State |
---|---|---|---|---|---|---|
libpng16 | sisyphus | 1.6.35-alt1 | 1.6.42-alt2 | ALT-PU-2018-2451-1 | 214397 | Fixed |
libpng16 | p10 | 1.6.35-alt1 | 1.6.37-alt1 | ALT-PU-2018-2451-1 | 214397 | Fixed |
libpng16 | p9 | 1.6.35-alt1 | 1.6.36-alt1 | ALT-PU-2018-2451-1 | 214397 | Fixed |
libpng16 | c10f1 | 1.6.35-alt1 | 1.6.37-alt1 | ALT-PU-2018-2451-1 | 214397 | Fixed |
libpng16 | c9f2 | 1.6.35-alt1 | 1.6.36-alt1 | ALT-PU-2018-2451-1 | 214397 | Fixed |
References to Advisories, Solutions, and Tools
Hyperlink | Resource |
---|---|
https://sourceforge.net/p/libpng/bugs/278/ | |
https://github.com/glennrp/libpng/commit/8a05766cb74af05c04c53e6c9d60c13fc4d59bf2 | |
USN-3712-1 | |
http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html | |
1041889 | |
105599 | |
https://security.netapp.com/advisory/ntap-20181018-0001/ | |
RHSA-2018:3008 | |
RHSA-2018:3007 | |
RHSA-2018:3003 | |
RHSA-2018:3002 | |
RHSA-2018:3001 | |
RHSA-2018:3000 | |
RHSA-2018:3534 | |
RHSA-2018:3533 | |
RHSA-2018:3672 | |
RHSA-2018:3671 | |
RHSA-2018:3779 | |
RHSA-2018:3852 | |
GLSA-201908-10 | |