CVE-2015-8126: Buffer Overflow
First published: Thu Nov 12 2015(Updated: )
Buffer overflow vulnerabilities in functions png_get_PLTE/png_set_PLTE, allowing remote attackers to cause DoS to application or have unspecified other impact. These functions failed to check for an out-of-range palette when reading or writing PNG files with a bit_depth less than 8. Some applications might read the bit depth from the IHDR chunk and allocate memory for a 2^N entry palette, while libpng can return a palette with up to 256 entries even when the bit depth is less than 8. Affected versions of libpng are before 1.0.64, 1.1.x and 1.2.x before 1.2.54, 1.3.x and 1.4.x before 1.4.17, 1.5.x before 1.5.24, and 1.6.x before 1.6.19. Upstream patches: <a href="https://github.com/glennrp/libpng/commit/81f44665cce4cb1373f049a76f3904e981b7a766">https://github.com/glennrp/libpng/commit/81f44665cce4cb1373f049a76f3904e981b7a766</a> <a href="https://github.com/glennrp/libpng/commit/a901eb3ce6087e0afeef988247f1a1aa208cb54d">https://github.com/glennrp/libpng/commit/a901eb3ce6087e0afeef988247f1a1aa208cb54d</a> <a href="https://github.com/glennrp/libpng/commit/1bef8e97995c33123665582e57d3ed40b57d5978">https://github.com/glennrp/libpng/commit/1bef8e97995c33123665582e57d3ed40b57d5978</a> <a href="https://github.com/glennrp/libpng/commit/83f4c735c88e7f451541c1528d8043c31ba3b466">https://github.com/glennrp/libpng/commit/83f4c735c88e7f451541c1528d8043c31ba3b466</a> <a href="https://github.com/glennrp/libpng/commit/9f2ad4928e47036cf1ac9b8fe45a491f15be2324">https://github.com/glennrp/libpng/commit/9f2ad4928e47036cf1ac9b8fe45a491f15be2324</a> CVE assignment: <a href="http://seclists.org/oss-sec/2015/q4/264">http://seclists.org/oss-sec/2015/q4/264</a>
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/java | <1.7.0-oracle-1:1.7.0.95-1jpp.1.el5_11 | 1.7.0-oracle-1:1.7.0.95-1jpp.1.el5_11 |
| redhat/java | <1.6.0-sun-1:1.6.0.111-1jpp.3.el5_11 | 1.6.0-sun-1:1.6.0.111-1jpp.3.el5_11 |
| redhat/java | <1.8.0-oracle-1:1.8.0.71-1jpp.1.el6_7 | 1.8.0-oracle-1:1.8.0.71-1jpp.1.el6_7 |
| redhat/java | <1.7.0-oracle-1:1.7.0.95-1jpp.1.el6_7 | 1.7.0-oracle-1:1.7.0.95-1jpp.1.el6_7 |
| redhat/java | <1.6.0-sun-1:1.6.0.111-1jpp.3.el6_7 | 1.6.0-sun-1:1.6.0.111-1jpp.3.el6_7 |
| redhat/java | <1.8.0-oracle-1:1.8.0.71-1jpp.1.el7 | 1.8.0-oracle-1:1.8.0.71-1jpp.1.el7 |
| redhat/java | <1.7.0-oracle-1:1.7.0.95-1jpp.2.el7 | 1.7.0-oracle-1:1.7.0.95-1jpp.2.el7 |
| redhat/java | <1.6.0-sun-1:1.6.0.111-1jpp.1.el7 | 1.6.0-sun-1:1.6.0.111-1jpp.1.el7 |
| redhat/java | <1.7.0-ibm-1:1.7.0.9.30-1jpp.1.el5 | 1.7.0-ibm-1:1.7.0.9.30-1jpp.1.el5 |
| redhat/java | <1.6.0-ibm-1:1.6.0.16.20-1jpp.1.el5 | 1.6.0-ibm-1:1.6.0.16.20-1jpp.1.el5 |
| redhat/libpng | <2:1.2.49-2.el6_7 | 2:1.2.49-2.el6_7 |
| redhat/java | <1.7.1-ibm-1:1.7.1.3.30-1jpp.2.el6_7 | 1.7.1-ibm-1:1.7.1.3.30-1jpp.2.el6_7 |
| redhat/java | <1.6.0-ibm-1:1.6.0.16.20-1jpp.1.el6_7 | 1.6.0-ibm-1:1.6.0.16.20-1jpp.1.el6_7 |
| redhat/libpng12 | <0:1.2.50-7.el7_2 | 0:1.2.50-7.el7_2 |
| redhat/libpng | <2:1.5.13-7.el7_2 | 2:1.5.13-7.el7_2 |
| redhat/java | <1.8.0-ibm-1:1.8.0.2.10-1jpp.1.el7 | 1.8.0-ibm-1:1.8.0.2.10-1jpp.1.el7 |
| redhat/java | <1.7.1-ibm-1:1.7.1.3.30-1jpp.1.el7 | 1.7.1-ibm-1:1.7.1.3.30-1jpp.1.el7 |
| redhat/java | <1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5 | 1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5 |
| redhat/java | <1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7 | 1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7 |
| redhat/spacewalk-java | <0:2.0.2-109.el6 | 0:2.0.2-109.el6 |
| redhat/spacewalk-java | <0:2.3.8-146.el6 | 0:2.3.8-146.el6 |
| Libpng Libpng | <1.0.64 | |
| Libpng Libpng | >=1.1.1<1.2.54 | |
| Libpng Libpng | >=1.3.0<1.4.17 | |
| Libpng Libpng | >=1.5.0<1.5.24 | |
| Libpng Libpng | >=1.6.0<1.6.19 | |
| Fedoraproject Fedora | =21 | |
| Fedoraproject Fedora | =22 | |
| Fedoraproject Fedora | =23 | |
| openSUSE Leap | =42.1 | |
| openSUSE openSUSE | =13.1 | |
| openSUSE openSUSE | =13.2 | |
| SUSE Linux Enterprise Desktop | =11-sp3 | |
| SUSE Linux Enterprise Desktop | =11-sp4 | |
| SUSE Linux Enterprise Desktop | =12 | |
| SUSE Linux Enterprise Desktop | =12-sp1 | |
| SUSE Linux Enterprise Server | =12 | |
| SUSE Linux Enterprise Server | =12-sp1 | |
| Debian Debian Linux | =7.0 | |
| Debian Debian Linux | =8.0 | |
| Debian Debian Linux | =9.0 | |
| Redhat Satellite | =5.7 | |
| Redhat Enterprise Linux Desktop | =6.0 | |
| Redhat Enterprise Linux Desktop | =7.0 | |
| Redhat Enterprise Linux Eus | =6.7 | |
| Redhat Enterprise Linux Eus | =7.2 | |
| Redhat Enterprise Linux Eus | =7.3 | |
| Redhat Enterprise Linux Eus | =7.4 | |
| Redhat Enterprise Linux Eus | =7.5 | |
| Redhat Enterprise Linux Eus | =7.6 | |
| Redhat Enterprise Linux Eus | =7.7 | |
| Redhat Enterprise Linux Server | =6.0 | |
| Redhat Enterprise Linux Server | =7.0 | |
| Redhat Enterprise Linux Server Aus | =7.2 | |
| Redhat Enterprise Linux Server Aus | =7.3 | |
| Redhat Enterprise Linux Server Aus | =7.4 | |
| Redhat Enterprise Linux Server Aus | =7.6 | |
| Redhat Enterprise Linux Server Aus | =7.7 | |
| Redhat Enterprise Linux Server Tus | =7.2 | |
| Redhat Enterprise Linux Server Tus | =7.3 | |
| Redhat Enterprise Linux Server Tus | =7.6 | |
| Redhat Enterprise Linux Server Tus | =7.7 | |
| Redhat Enterprise Linux Workstation | =6.0 | |
| Redhat Enterprise Linux Workstation | =7.0 | |
| Redhat Satellite | =5.6 | |
| Redhat Enterprise Linux | =5.0 | |
| Redhat Enterprise Linux | =6.0 | |
| Oracle JDK | =1.6.0-update105 | |
| Oracle JDK | =1.7.0-update91 | |
| Oracle JDK | =1.8.0-update65 | |
| Oracle JDK | =1.8.0-update66 | |
| Oracle JRE | =1.6.0-update105 | |
| Oracle JRE | =1.7.0-update91 | |
| Oracle JRE | =1.8.0-update65 | |
| Oracle JRE | =1.8.0-update66 | |
| Oracle Linux | =6 | |
| Oracle Linux | =7 | |
| Oracle Solaris | =11.3 | |
| Apple Mac OS X | <10.11.4 | |
| Canonical Ubuntu Linux | =12.04 | |
| Canonical Ubuntu Linux | =14.04 | |
| Canonical Ubuntu Linux | =15.04 | |
| Canonical Ubuntu Linux | =15.10 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://googlechromereleases.blogspot.com/2016/03/stable-channel-update.html
- http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html
- http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172324.html
- http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172620.html
- http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172647.html
- http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172663.html
- http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172769.html
- http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172797.html
- http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172823.html
- http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177344.html
- http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177382.html
- http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174905.html
- http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174936.html
- http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175073.html
- http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00033.html
- http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00034.html
- http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00038.html
- http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00041.html
- http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00042.html
- http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00043.html
- http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00044.html
- http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html
- http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00047.html
- http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00048.html
- http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00014.html
- http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00015.html
- http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00018.html
- http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00028.html
- http://lists.opensuse.org/opensuse-updates/2015-11/msg00159.html
- http://lists.opensuse.org/opensuse-updates/2015-11/msg00160.html
- http://lists.opensuse.org/opensuse-updates/2015-12/msg00062.html
- http://lists.opensuse.org/opensuse-updates/2015-12/msg00063.html
- http://lists.opensuse.org/opensuse-updates/2016-01/msg00028.html
- http://lists.opensuse.org/opensuse-updates/2016-01/msg00029.html
- http://lists.opensuse.org/opensuse-updates/2016-01/msg00030.html
- http://rhn.redhat.com/errata/RHSA-2015-2594.html
- http://rhn.redhat.com/errata/RHSA-2015-2595.html
- http://rhn.redhat.com/errata/RHSA-2015-2596.html
- http://rhn.redhat.com/errata/RHSA-2016-0055.html
- http://rhn.redhat.com/errata/RHSA-2016-0056.html
- http://rhn.redhat.com/errata/RHSA-2016-0057.html
- http://www.debian.org/security/2015/dsa-3399
- http://www.debian.org/security/2016/dsa-3507
- http://www.openwall.com/lists/oss-security/2015/11/12/2
- http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html
- http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
- http://www.securityfocus.com/bid/77568
- http://www.securitytracker.com/id/1034142
- http://www.ubuntu.com/usn/USN-2815-1
- https://access.redhat.com/errata/RHSA-2016:1430
- https://code.google.com/p/chromium/issues/detail?id=560291
- https://kc.mcafee.com/corporate/index?page=content&id=SB10148
- https://security.gentoo.org/glsa/201603-09
- https://security.gentoo.org/glsa/201611-08
- https://support.apple.com/HT206167
- https://github.com/glennrp/libpng/commit/81f44665cce4cb1373f049a76f3904e981b7a766
- https://github.com/glennrp/libpng/commit/a901eb3ce6087e0afeef988247f1a1aa208cb54d
- https://github.com/glennrp/libpng/commit/1bef8e97995c33123665582e57d3ed40b57d5978
- https://github.com/glennrp/libpng/commit/83f4c735c88e7f451541c1528d8043c31ba3b466
- https://github.com/glennrp/libpng/commit/9f2ad4928e47036cf1ac9b8fe45a491f15be2324
- http://seclists.org/oss-sec/2015/q4/264
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1281757
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1281759
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1281758
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1281760
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1281756#c2
- https://github.com/glennrp/libpng/commit/9f2ad4928e47036cf1ac9b8fe45a491f15be2324.patch
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1281756#c0
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1282901
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1282902
- https://access.redhat.com/security/cve/CVE-2015-8472
- http://seclists.org/oss-sec/2015/q4/439
- https://rhn.redhat.com/errata/RHSA-2015-2594.html
- https://rhn.redhat.com/errata/RHSA-2015-2596.html
- https://rhn.redhat.com/errata/RHSA-2015-2595.html
- http://hg.openjdk.java.net/jdk8u/jdk8u/jdk/rev/817a472b15bd
- http://hg.openjdk.java.net/jdk8u/jdk8u/jdk/rev/23a6e0931277
- https://access.redhat.com/security/cve/CVE-2015-8126
- https://rhn.redhat.com/errata/RHSA-2016-0057.html
- https://rhn.redhat.com/errata/RHSA-2016-0056.html
- https://rhn.redhat.com/errata/RHSA-2016-0055.html
- https://rhn.redhat.com/errata/RHSA-2016-0101.html
- https://rhn.redhat.com/errata/RHSA-2016-0100.html
- https://rhn.redhat.com/errata/RHSA-2016-0098.html
- https://rhn.redhat.com/errata/RHSA-2016-0099.html
- https://bugzilla.redhat.com/show_bug.cgi?id=1281756
- https://www.cve.org/CVERecord?id=CVE-2015-8126 https://nvd.nist.gov/vuln/detail/CVE-2015-8126
- https://access.redhat.com/errata/RHSA-2016:0056
- https://access.redhat.com/errata/RHSA-2016:0057
- https://access.redhat.com/errata/RHSA-2016:0055
- https://access.redhat.com/errata/RHSA-2016:0100
- https://access.redhat.com/errata/RHSA-2016:0101
- https://access.redhat.com/errata/RHSA-2015:2594
- https://access.redhat.com/errata/RHSA-2016:0099
- https://access.redhat.com/errata/RHSA-2015:2595
- https://access.redhat.com/errata/RHSA-2015:2596
- https://access.redhat.com/errata/RHSA-2016:0098
Parent vulnerabilities
(Appears in the following advisories)
- collector/redhat-cve
- agent/type
- agent/first-publish-date
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2015-8126
- agent/last-modified-date
- agent/remedy
- agent/references
- agent/severity
- agent/author
- agent/weakness
- agent/event
- agent/description
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- package-manager/redhat
- vendor/libpng
- canonical/libpng libpng
- version/libpng libpng/1.1.1
- version/libpng libpng/1.3.0
- version/libpng libpng/1.5.0
- version/libpng libpng/1.6.0
- vendor/fedoraproject
- canonical/fedoraproject fedora
- version/fedoraproject fedora/21
- version/fedoraproject fedora/22
- version/fedoraproject fedora/23
- vendor/opensuse
- canonical/opensuse leap
- version/opensuse leap/42.1
- canonical/opensuse opensuse
- version/opensuse opensuse/13.1
- version/opensuse opensuse/13.2
- vendor/suse
- canonical/suse linux enterprise desktop
- version/suse linux enterprise desktop/11-sp3
- version/suse linux enterprise desktop/11-sp4
- version/suse linux enterprise desktop/12
- version/suse linux enterprise desktop/12-sp1
- canonical/suse linux enterprise server
- version/suse linux enterprise server/12
- version/suse linux enterprise server/12-sp1
- vendor/debian
- canonical/debian debian linux
- version/debian debian linux/7.0
- version/debian debian linux/8.0
- version/debian debian linux/9.0
- vendor/redhat
- canonical/redhat satellite
- version/redhat satellite/5.7
- canonical/redhat enterprise linux desktop
- version/redhat enterprise linux desktop/6.0
- version/redhat enterprise linux desktop/7.0
- canonical/redhat enterprise linux eus
- version/redhat enterprise linux eus/6.7
- version/redhat enterprise linux eus/7.2
- version/redhat enterprise linux eus/7.3
- version/redhat enterprise linux eus/7.4
- version/redhat enterprise linux eus/7.5
- version/redhat enterprise linux eus/7.6
- version/redhat enterprise linux eus/7.7
- canonical/redhat enterprise linux server
- version/redhat enterprise linux server/6.0
- version/redhat enterprise linux server/7.0
- canonical/redhat enterprise linux server aus
- version/redhat enterprise linux server aus/7.2
- version/redhat enterprise linux server aus/7.3
- version/redhat enterprise linux server aus/7.4
- version/redhat enterprise linux server aus/7.6
- version/redhat enterprise linux server aus/7.7
- canonical/redhat enterprise linux server tus
- version/redhat enterprise linux server tus/7.2
- version/redhat enterprise linux server tus/7.3
- version/redhat enterprise linux server tus/7.6
- version/redhat enterprise linux server tus/7.7
- canonical/redhat enterprise linux workstation
- version/redhat enterprise linux workstation/6.0
- version/redhat enterprise linux workstation/7.0
- version/redhat satellite/5.6
- canonical/redhat enterprise linux
- version/redhat enterprise linux/5.0
- version/redhat enterprise linux/6.0
- vendor/oracle
- canonical/oracle jdk
- version/oracle jdk/1.6.0-update105
- version/oracle jdk/1.7.0-update91
- version/oracle jdk/1.8.0-update65
- version/oracle jdk/1.8.0-update66
- canonical/oracle jre
- version/oracle jre/1.6.0-update105
- version/oracle jre/1.7.0-update91
- version/oracle jre/1.8.0-update65
- version/oracle jre/1.8.0-update66
- canonical/oracle linux
- version/oracle linux/6
- version/oracle linux/7
- canonical/oracle solaris
- version/oracle solaris/11.3
- vendor/apple
- canonical/apple mac os x
- vendor/canonical
- canonical/canonical ubuntu linux
- version/canonical ubuntu linux/12.04
- version/canonical ubuntu linux/14.04
- version/canonical ubuntu linux/15.04
- version/canonical ubuntu linux/15.10