CVE-2018-10114

Published: 4/14/2018 Last updated: 8/5/2024 Reserved: 4/14/2018

An issue was discovered in GEGL through 0.3.32. The gegl_buffer_iterate_read_simple function in buffer/gegl-buffer-access.c allows remote attackers to cause a denial of service (write access violation) or possibly have unspecified other impact via a malformed PPM file, related to improper restrictions on memory allocation in the ppm_load_read_header function in operations/external/ppm-load.c.

CNA assigner: mitre (8254265b-2729-46b6-b9e3-3dfca2d5bfca) Requested by: n/a

Opam packages affected (1)

conf-gegl

Products affected (1)

Product	Vendor	Version
n/a	n/a	< 6.1.7601.26623

References (4)

https://bugzilla.gnome.org/show_bug.cgi?id=795248
https://github.com/xiaoqx/pocs/tree/master/gegl
https://bugzilla.gnome.org/show_bug.cgi?id=795248
https://github.com/xiaoqx/pocs/tree/master/gegl