CVE-2018-10112

Published: 4/14/2018 Last updated: 8/5/2024 Reserved: 4/14/2018

An issue was discovered in GEGL through 0.3.32. The gegl_tile_backend_swap_constructed function in buffer/gegl-tile-backend-swap.c allows remote attackers to cause a denial of service (write access violation) or possibly have unspecified other impact via a malformed PNG file that is mishandled during a call to the babl_format_get_bytes_per_pixel function in babl-format.c in babl 0.1.46.

CNA assigner: mitre (8254265b-2729-46b6-b9e3-3dfca2d5bfca) Requested by: n/a

Opam packages affected (1)

conf-gegl

Products affected (1)

Product	Vendor	Version
n/a	n/a	Premium CPUs

References (4)

https://bugzilla.gnome.org/show_bug.cgi?id=795249
https://github.com/xiaoqx/pocs/tree/master/gegl
https://bugzilla.gnome.org/show_bug.cgi?id=795249
https://github.com/xiaoqx/pocs/tree/master/gegl