First published: Tue Nov 12 2019
gdk-pixbuf through 2.31.1 has a buffer overflow in its GIF loader when initializing decompression tables, caused by an input validation flaw.
Credit: secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
GNOME gdk-pixbuf | <=2.31.1 | |
Red Hat Enterprise Linux | =4.0 | |
Red Hat Enterprise Linux | =5.0 | |
Debian Debian Linux | =8.0 | |
Debian Debian Linux | =9.0 | |
Debian Debian Linux | =10.0 | |
debian/gdk-pixbuf | 2.42.2+dfsg-1+deb11u2 2.42.2+dfsg-1+deb11u1 2.42.10+dfsg-1+deb12u1 2.42.12+dfsg-1 |
CVE-2011-2897 is a vulnerability in gdk-pixbuf through version 2.31.1 that allows for a GIF loader buffer overflow during the initialization of decompression tables.
CVE-2011-2897 has a severity rating of 9.8, which is considered critical.
The gdk-pixbuf package at versions up to and including 2.31.1 is affected by CVE-2011-2897, on Red Hat Enterprise Linux 4.0 and 5.0 and on Debian Linux 8.0, 9.0, and 10.0.
To fix CVE-2011-2897, you should update the gdk-pixbuf package to versions 2.38.1+dfsg-1, 2.42.2+dfsg-1+deb11u1, or 2.42.10+dfsg-1 or later.
You can find more information about CVE-2011-2897 on the Debian Security Tracker, Red Hat Bugzilla, and Red Hat Security Advisories websites.