Integer Wraparound Vulnerability in gdk-pixbuf Affects Multiple Platforms
CVE-2021-20240

8.8HIGH

Key Information:

Vendor

Gnome
Status
Gdk-pixbuf
Vendor
CVE Published:
28 May 2021

What is CVE-2021-20240?

A vulnerability exists in gdk-pixbuf that may allow an attacker to exploit an integer wraparound issue when processing specially crafted GIF images. This flaw can lead to out-of-bounds writes, potentially leading to application crashes or allowing malicious code execution on the target system. The risk associated with this vulnerability primarily concerns data integrity and confidentiality, as well as overall system availability, making it crucial for users and administrators to apply updates promptly.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

gdk-pixbuf gdk-pixbuf 2.42.0

References

https://lists.fedoraproject.org/archives/list/package-ann...
vendor-advisoryx_refsource_FEDORA
https://lists.fedoraproject.org/archives/list/package-ann...
vendor-advisoryx_refsource_FEDORA
https://lists.fedoraproject.org/archives/list/package-ann...
vendor-advisoryx_refsource_FEDORA

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.