Double-Free Vulnerability in gThumb by GNOME
CVE-2018-18718

7.8HIGH

Key Information:

Vendor

Gnome
Status
Gthumb
Vendor
CVE Published:
29 October 2018

What is CVE-2018-18718?

A double-free vulnerability has been identified in the gThumb image viewer, where the add_themes_from_dir method in dlg-contact-sheet.c improperly manages memory. This flaw arises from two consecutive calls to g_free, resulting in the deallocation of the same buffer. Such vulnerabilities can potentially lead to application crashes or execute arbitrary code, posing a significant security risk. It is essential for users and administrators to apply updates or patches to safeguard their systems.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://gitlab.gnome.org/GNOME/gthumb/issues/18
x_refsource_MISC
https://lists.debian.org/debian-lts-announce/2018/11/msg0...
mailing-listx_refsource_MLIST

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.