USN-3075-1: Imlib2 vulnerabilities
USN-3075-1: Imlib2 vulnerabilities Ubuntu Security Notice USN-3075-1 8th September, 2016 imlib2 vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.04 LTS Ubuntu 14.04 LTS Ubuntu 12.04 LTS Summary Several security issues were fixed in Imlib2. Software description imlib2 – Image manipulation and rendering library Details Jakub Wilk discovered an out of bounds read in the GIF loaderimplementation in Imlib2. An attacker could use this to cause adenial of service (application crash) or possibly obtain sensitiveinformation. (CVE-2016-3994) Yuriy M. Kaminskiy discovered an off-by-one error when handlingcoordinates in Imlib2. An attacker could use this to cause a denial ofservice (application crash). (CVE-2016-3993) Yuriy M. Kaminskiy discovered that integer overflows existed in Imlib2when handling images with large dimensions. An attacker could usethis to cause a denial of service (memory exhaustion or applicationcrash). (CVE-2014-9771, CVE-2016-4024) Kevin Ryde discovered that [ more… ]