Denial of Service Vulnerability in gdk-pixbuf by GNOME
CVE-2017-6314

5.5MEDIUM

Key Information:

Vendor

Gnome
Status
Gdk-pixbuf
Vendor
CVE Published:
10 March 2017

What is CVE-2017-6314?

A vulnerability in the make_available_at_least function within the io-tiff.c file of gdk-pixbuf enables attackers to create a denial of service condition. By providing specially crafted large TIFF files, attackers can trigger an infinite loop, leading to potential system unavailability. This issue raises significant concerns for users depending on gdk-pixbuf for image processing in their applications, necessitating prompt updates and security measures.

References

https://bugzilla.gnome.org/show_bug.cgi?id=779020
x_refsource_MISC
http://www.openwall.com/lists/oss-security/2017/02/21/4
mailing-listx_refsource_MLIST
http://www.securityfocus.com/bid/96779
vdb-entryx_refsource_BID

CVSS V3.1

Score:
5.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.