CVE-2015-8126: Buffer Overflow
First published: Thu Nov 12 2015(Updated: )
Buffer overflow vulnerabilities in functions png_get_PLTE/png_set_PLTE, allowing remote attackers to cause DoS to application or have unspecified other impact. These functions failed to check for an out-of-range palette when reading or writing PNG files with a bit_depth less than 8. Some applications might read the bit depth from the IHDR chunk and allocate memory for a 2^N entry palette, while libpng can return a palette with up to 256 entries even when the bit depth is less than 8. Affected versions of libpng are before 1.0.64, 1.1.x and 1.2.x before 1.2.54, 1.3.x and 1.4.x before 1.4.17, 1.5.x before 1.5.24, and 1.6.x before 1.6.19. Upstream patches: <a href="https://github.com/glennrp/libpng/commit/81f44665cce4cb1373f049a76f3904e981b7a766">https://github.com/glennrp/libpng/commit/81f44665cce4cb1373f049a76f3904e981b7a766</a> <a href="https://github.com/glennrp/libpng/commit/a901eb3ce6087e0afeef988247f1a1aa208cb54d">https://github.com/glennrp/libpng/commit/a901eb3ce6087e0afeef988247f1a1aa208cb54d</a> <a href="https://github.com/glennrp/libpng/commit/1bef8e97995c33123665582e57d3ed40b57d5978">https://github.com/glennrp/libpng/commit/1bef8e97995c33123665582e57d3ed40b57d5978</a> <a href="https://github.com/glennrp/libpng/commit/83f4c735c88e7f451541c1528d8043c31ba3b466">https://github.com/glennrp/libpng/commit/83f4c735c88e7f451541c1528d8043c31ba3b466</a> <a href="https://github.com/glennrp/libpng/commit/9f2ad4928e47036cf1ac9b8fe45a491f15be2324">https://github.com/glennrp/libpng/commit/9f2ad4928e47036cf1ac9b8fe45a491f15be2324</a> CVE assignment: <a href="http://seclists.org/oss-sec/2015/q4/264">http://seclists.org/oss-sec/2015/q4/264</a>
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/java | <1.7.0-oracle-1:1.7.0.95-1jpp.1.el5_11 | 1.7.0-oracle-1:1.7.0.95-1jpp.1.el5_11 |
| redhat/java | <1.6.0-sun-1:1.6.0.111-1jpp.3.el5_11 | 1.6.0-sun-1:1.6.0.111-1jpp.3.el5_11 |
| redhat/java | <1.8.0-oracle-1:1.8.0.71-1jpp.1.el6_7 | 1.8.0-oracle-1:1.8.0.71-1jpp.1.el6_7 |
| redhat/java | <1.7.0-oracle-1:1.7.0.95-1jpp.1.el6_7 | 1.7.0-oracle-1:1.7.0.95-1jpp.1.el6_7 |
| redhat/java | <1.6.0-sun-1:1.6.0.111-1jpp.3.el6_7 | 1.6.0-sun-1:1.6.0.111-1jpp.3.el6_7 |
| redhat/java | <1.8.0-oracle-1:1.8.0.71-1jpp.1.el7 | 1.8.0-oracle-1:1.8.0.71-1jpp.1.el7 |
| redhat/java | <1.7.0-oracle-1:1.7.0.95-1jpp.2.el7 | 1.7.0-oracle-1:1.7.0.95-1jpp.2.el7 |
| redhat/java | <1.6.0-sun-1:1.6.0.111-1jpp.1.el7 | 1.6.0-sun-1:1.6.0.111-1jpp.1.el7 |
| redhat/java | <1.7.0-ibm-1:1.7.0.9.30-1jpp.1.el5 | 1.7.0-ibm-1:1.7.0.9.30-1jpp.1.el5 |
| redhat/java | <1.6.0-ibm-1:1.6.0.16.20-1jpp.1.el5 | 1.6.0-ibm-1:1.6.0.16.20-1jpp.1.el5 |
| redhat/libpng | <2:1.2.49-2.el6_7 | 2:1.2.49-2.el6_7 |
| redhat/java | <1.7.1-ibm-1:1.7.1.3.30-1jpp.2.el6_7 | 1.7.1-ibm-1:1.7.1.3.30-1jpp.2.el6_7 |
| redhat/java | <1.6.0-ibm-1:1.6.0.16.20-1jpp.1.el6_7 | 1.6.0-ibm-1:1.6.0.16.20-1jpp.1.el6_7 |
| redhat/libpng12 | <0:1.2.50-7.el7_2 | 0:1.2.50-7.el7_2 |
| redhat/libpng | <2:1.5.13-7.el7_2 | 2:1.5.13-7.el7_2 |
| redhat/java | <1.8.0-ibm-1:1.8.0.2.10-1jpp.1.el7 | 1.8.0-ibm-1:1.8.0.2.10-1jpp.1.el7 |
| redhat/java | <1.7.1-ibm-1:1.7.1.3.30-1jpp.1.el7 | 1.7.1-ibm-1:1.7.1.3.30-1jpp.1.el7 |
| redhat/java | <1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5 | 1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5 |
| redhat/java | <1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7 | 1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7 |
| redhat/spacewalk-java | <0:2.0.2-109.el6 | 0:2.0.2-109.el6 |
| redhat/spacewalk-java | <0:2.3.8-146.el6 | 0:2.3.8-146.el6 |
| libp2p | <1.0.64 | |
| libp2p | >=1.1.1<1.2.54 | |
| libp2p | >=1.3.0<1.4.17 | |
| libp2p | >=1.5.0<1.5.24 | |
| libp2p | >=1.6.0<1.6.19 | |
| Red Hat Fedora | =21 | |
| Red Hat Fedora | =22 | |
| Red Hat Fedora | =23 | |
| SUSE Linux | =42.1 | |
| openSUSE | =13.1 | |
| openSUSE | =13.2 | |
| SUSE Linux Enterprise Desktop | =11-sp3 | |
| SUSE Linux Enterprise Desktop | =11-sp4 | |
| SUSE Linux Enterprise Desktop | =12 | |
| SUSE Linux Enterprise Desktop | =12-sp1 | |
| SUSE Linux Enterprise Server | =12 | |
| SUSE Linux Enterprise Server | =12-sp1 | |
| Debian Linux | =7.0 | |
| Debian Linux | =8.0 | |
| Debian Linux | =9.0 | |
| Red Hat Satellite | =5.7 | |
| Red Hat Enterprise Linux Desktop | =6.0 | |
| Red Hat Enterprise Linux Desktop | =7.0 | |
| Red Hat Enterprise Linux Server EUS | =6.7 | |
| Red Hat Enterprise Linux Server EUS | =7.2 | |
| Red Hat Enterprise Linux Server EUS | =7.3 | |
| Red Hat Enterprise Linux Server EUS | =7.4 | |
| Red Hat Enterprise Linux Server EUS | =7.5 | |
| Red Hat Enterprise Linux Server EUS | =7.6 | |
| Red Hat Enterprise Linux Server EUS | =7.7 | |
| Red Hat Enterprise Linux Server | =6.0 | |
| Red Hat Enterprise Linux Server | =7.0 | |
| Red Hat Enterprise Linux Server | =7.2 | |
| Red Hat Enterprise Linux Server | =7.3 | |
| Red Hat Enterprise Linux Server | =7.4 | |
| Red Hat Enterprise Linux Server | =7.6 | |
| Red Hat Enterprise Linux Server | =7.7 | |
| Red Hat Enterprise Linux Server | =7.2 | |
| Red Hat Enterprise Linux Server | =7.3 | |
| Red Hat Enterprise Linux Server | =7.6 | |
| Red Hat Enterprise Linux Server | =7.7 | |
| Red Hat Enterprise Linux Workstation | =6.0 | |
| Red Hat Enterprise Linux Workstation | =7.0 | |
| Red Hat Satellite | =5.6 | |
| Red Hat Enterprise Linux | =5.0 | |
| Red Hat Enterprise Linux | =6.0 | |
| Oracle Java SE 7 | =1.6.0-update105 | |
| Oracle Java SE 7 | =1.7.0-update91 | |
| Oracle Java SE 7 | =1.8.0-update65 | |
| Oracle Java SE 7 | =1.8.0-update66 | |
| Oracle JRE | =1.6.0-update105 | |
| Oracle JRE | =1.7.0-update91 | |
| Oracle JRE | =1.8.0-update65 | |
| Oracle JRE | =1.8.0-update66 | |
| Oracle Linux | =6 | |
| Oracle Linux | =7 | |
| Oracle Solaris and Zettabyte File System (ZFS) | =11.3 | |
| Apple iOS and macOS | <10.11.4 | |
| Ubuntu | =12.04 | |
| Ubuntu | =14.04 | |
| Ubuntu | =15.04 | |
| Ubuntu | =15.10 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://googlechromereleases.blogspot.com/2016/03/stable-channel-update.html
- http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html
- http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172324.html
- http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172620.html
- http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172647.html
- http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172663.html
- http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172769.html
- http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172797.html
- http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172823.html
- http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177344.html
- http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177382.html
- http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174905.html
- http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174936.html
- http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175073.html
- http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00033.html
- http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00034.html
- http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00038.html
- http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00041.html
- http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00042.html
- http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00043.html
- http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00044.html
- http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html
- http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00047.html
- http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00048.html
- http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00014.html
- http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00015.html
- http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00018.html
- http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00028.html
- http://lists.opensuse.org/opensuse-updates/2015-11/msg00159.html
- http://lists.opensuse.org/opensuse-updates/2015-11/msg00160.html
- http://lists.opensuse.org/opensuse-updates/2015-12/msg00062.html
- http://lists.opensuse.org/opensuse-updates/2015-12/msg00063.html
- http://lists.opensuse.org/opensuse-updates/2016-01/msg00028.html
- http://lists.opensuse.org/opensuse-updates/2016-01/msg00029.html
- http://lists.opensuse.org/opensuse-updates/2016-01/msg00030.html
- http://rhn.redhat.com/errata/RHSA-2015-2594.html
- http://rhn.redhat.com/errata/RHSA-2015-2595.html
- http://rhn.redhat.com/errata/RHSA-2015-2596.html
- http://rhn.redhat.com/errata/RHSA-2016-0055.html
- http://rhn.redhat.com/errata/RHSA-2016-0056.html
- http://rhn.redhat.com/errata/RHSA-2016-0057.html
- http://www.debian.org/security/2015/dsa-3399
- http://www.debian.org/security/2016/dsa-3507
- http://www.openwall.com/lists/oss-security/2015/11/12/2
- http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html
- http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
- http://www.securityfocus.com/bid/77568
- http://www.securitytracker.com/id/1034142
- http://www.ubuntu.com/usn/USN-2815-1
- https://access.redhat.com/errata/RHSA-2016:1430
- https://code.google.com/p/chromium/issues/detail?id=560291
- https://kc.mcafee.com/corporate/index?page=content&id=SB10148
- https://security.gentoo.org/glsa/201603-09
- https://security.gentoo.org/glsa/201611-08
- https://support.apple.com/HT206167
- https://github.com/glennrp/libpng/commit/81f44665cce4cb1373f049a76f3904e981b7a766
- https://github.com/glennrp/libpng/commit/a901eb3ce6087e0afeef988247f1a1aa208cb54d
- https://github.com/glennrp/libpng/commit/1bef8e97995c33123665582e57d3ed40b57d5978
- https://github.com/glennrp/libpng/commit/83f4c735c88e7f451541c1528d8043c31ba3b466
- https://github.com/glennrp/libpng/commit/9f2ad4928e47036cf1ac9b8fe45a491f15be2324
- http://seclists.org/oss-sec/2015/q4/264
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1281757
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1281759
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1281758
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1281760
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1281756#c2
- https://github.com/glennrp/libpng/commit/9f2ad4928e47036cf1ac9b8fe45a491f15be2324.patch
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1281756#c0
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1282901
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1282902
- https://access.redhat.com/security/cve/CVE-2015-8472
- http://seclists.org/oss-sec/2015/q4/439
- https://rhn.redhat.com/errata/RHSA-2015-2594.html
- https://rhn.redhat.com/errata/RHSA-2015-2596.html
- https://rhn.redhat.com/errata/RHSA-2015-2595.html
- http://hg.openjdk.java.net/jdk8u/jdk8u/jdk/rev/817a472b15bd
- http://hg.openjdk.java.net/jdk8u/jdk8u/jdk/rev/23a6e0931277
- https://access.redhat.com/security/cve/CVE-2015-8126
- https://rhn.redhat.com/errata/RHSA-2016-0057.html
- https://rhn.redhat.com/errata/RHSA-2016-0056.html
- https://rhn.redhat.com/errata/RHSA-2016-0055.html
- https://rhn.redhat.com/errata/RHSA-2016-0101.html
- https://rhn.redhat.com/errata/RHSA-2016-0100.html
- https://rhn.redhat.com/errata/RHSA-2016-0098.html
- https://rhn.redhat.com/errata/RHSA-2016-0099.html
- https://bugzilla.redhat.com/show_bug.cgi?id=1281756
- https://www.cve.org/CVERecord?id=CVE-2015-8126 https://nvd.nist.gov/vuln/detail/CVE-2015-8126
- https://access.redhat.com/errata/RHSA-2016:0056
- https://access.redhat.com/errata/RHSA-2016:0057
- https://access.redhat.com/errata/RHSA-2016:0055
- https://access.redhat.com/errata/RHSA-2016:0100
- https://access.redhat.com/errata/RHSA-2016:0101
- https://access.redhat.com/errata/RHSA-2015:2594
- https://access.redhat.com/errata/RHSA-2016:0099
- https://access.redhat.com/errata/RHSA-2015:2595
- https://access.redhat.com/errata/RHSA-2015:2596
- https://access.redhat.com/errata/RHSA-2016:0098
Parent vulnerabilities
(Appears in the following advisories)
Frequently Asked Questions
What is the severity of CVE-2015-8126?
CVE-2015-8126 has a moderate severity level due to its potential to cause denial of service and unspecified impacts.
How do I fix CVE-2015-8126?
To fix CVE-2015-8126, update affected software packages to the remedied versions specified in the vulnerability advisory.
What software is affected by CVE-2015-8126?
CVE-2015-8126 affects various versions of the Java SDK and libpng across multiple operating systems.
Can CVE-2015-8126 lead to remote attacks?
Yes, CVE-2015-8126 allows remote attackers to exploit buffer overflow vulnerabilities, potentially leading to crashes.
What is a buffer overflow in the context of CVE-2015-8126?
In the context of CVE-2015-8126, a buffer overflow occurs when the png_get_PLTE and png_set_PLTE functions do not check for out-of-range palette data, which can lead to application instability.
- collector/redhat-cve
- agent/type
- agent/first-publish-date
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2015-8126
- agent/remedy
- agent/references
- agent/severity
- agent/author
- agent/weakness
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/event
- agent/trending
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- package-manager/redhat
- vendor/libpng
- canonical/libp2p
- version/libp2p/1.1.1
- version/libp2p/1.3.0
- version/libp2p/1.5.0
- version/libp2p/1.6.0
- vendor/fedoraproject
- canonical/red hat fedora
- version/red hat fedora/21
- version/red hat fedora/22
- version/red hat fedora/23
- vendor/opensuse
- canonical/suse linux
- version/suse linux/42.1
- canonical/opensuse
- version/opensuse/13.1
- version/opensuse/13.2
- vendor/suse
- canonical/suse linux enterprise desktop
- version/suse linux enterprise desktop/11-sp3
- version/suse linux enterprise desktop/11-sp4
- version/suse linux enterprise desktop/12
- version/suse linux enterprise desktop/12-sp1
- canonical/suse linux enterprise server
- version/suse linux enterprise server/12
- version/suse linux enterprise server/12-sp1
- vendor/debian
- canonical/debian linux
- version/debian linux/7.0
- version/debian linux/8.0
- version/debian linux/9.0
- vendor/redhat
- canonical/red hat satellite
- version/red hat satellite/5.7
- canonical/red hat enterprise linux desktop
- version/red hat enterprise linux desktop/6.0
- version/red hat enterprise linux desktop/7.0
- canonical/red hat enterprise linux server eus
- version/red hat enterprise linux server eus/6.7
- version/red hat enterprise linux server eus/7.2
- version/red hat enterprise linux server eus/7.3
- version/red hat enterprise linux server eus/7.4
- version/red hat enterprise linux server eus/7.5
- version/red hat enterprise linux server eus/7.6
- version/red hat enterprise linux server eus/7.7
- canonical/red hat enterprise linux server
- version/red hat enterprise linux server/6.0
- version/red hat enterprise linux server/7.0
- version/red hat enterprise linux server/7.2
- version/red hat enterprise linux server/7.3
- version/red hat enterprise linux server/7.4
- version/red hat enterprise linux server/7.6
- version/red hat enterprise linux server/7.7
- canonical/red hat enterprise linux workstation
- version/red hat enterprise linux workstation/6.0
- version/red hat enterprise linux workstation/7.0
- version/red hat satellite/5.6
- canonical/red hat enterprise linux
- version/red hat enterprise linux/5.0
- version/red hat enterprise linux/6.0
- vendor/oracle
- canonical/oracle java se 7
- version/oracle java se 7/1.6.0-update105
- version/oracle java se 7/1.7.0-update91
- version/oracle java se 7/1.8.0-update65
- version/oracle java se 7/1.8.0-update66
- canonical/oracle jre
- version/oracle jre/1.6.0-update105
- version/oracle jre/1.7.0-update91
- version/oracle jre/1.8.0-update65
- version/oracle jre/1.8.0-update66
- canonical/oracle linux
- version/oracle linux/6
- version/oracle linux/7
- canonical/oracle solaris and zettabyte file system (zfs)
- version/oracle solaris and zettabyte file system (zfs)/11.3
- vendor/apple
- canonical/apple ios and macos
- vendor/canonical
- canonical/ubuntu
- version/ubuntu/12.04
- version/ubuntu/14.04
- version/ubuntu/15.04
- version/ubuntu/15.10