CVE-2017-6312

Integer overflow in io-ico.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service (segmentation fault and application crash) via a crafted image entry offset in an ICO file, which triggers an out-of-bounds read, related to compiler optimizations.

Severity: MEDIUM (4.3) Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

References:

Published: 2017-03-10
Modified: 2025-04-20

CVE-2017-6313

Integer underflow in the load_resources function in io-icns.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service (out-of-bounds read and program crash) via a crafted image entry size in an ICO file.

Severity: MEDIUM (5.8) Vector: AV:N/AC:M/Au:N/C:P/I:N/A:P

Severity: HIGH (7.1) Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H

References:

Published: 2017-03-10
Modified: 2025-04-20

CVE-2017-6314

The make_available_at_least function in io-tiff.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service (infinite loop) via a large TIFF file.

Severity: MEDIUM (4.3) Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

References:

Package klavaro updated to version 3.03-alt2 for branch sisyphus in task 203915.

Не локализован интерфейс

Version: 2.1.2

Branch sisyphus update on 2018-04-13

ALT-BU-2018-3197-1

ALT-PU-2018-1580-1

Closed vulnerabilities

CVE-2017-6312

CVE-2017-6313

CVE-2017-6314

ALT-PU-2018-1584-1

Closed bugs

Bug #34798