First published: Thu Nov 12 2015(Updated: )
Buffer overflow vulnerabilities in functions png_get_PLTE/png_set_PLTE, allowing remote attackers to cause DoS to application or have unspecified other impact. These functions failed to check for an out-of-range palette when reading or writing PNG files with a bit_depth less than 8. Some applications might read the bit depth from the IHDR chunk and allocate memory for a 2^N entry palette, while libpng can return a palette with up to 256 entries even when the bit depth is less than 8. Affected versions of libpng are before 1.0.64, 1.1.x and 1.2.x before 1.2.54, 1.3.x and 1.4.x before 1.4.17, 1.5.x before 1.5.24, and 1.6.x before 1.6.19. Upstream patches: <a href="https://github.com/glennrp/libpng/commit/81f44665cce4cb1373f049a76f3904e981b7a766">https://github.com/glennrp/libpng/commit/81f44665cce4cb1373f049a76f3904e981b7a766</a> <a href="https://github.com/glennrp/libpng/commit/a901eb3ce6087e0afeef988247f1a1aa208cb54d">https://github.com/glennrp/libpng/commit/a901eb3ce6087e0afeef988247f1a1aa208cb54d</a> <a href="https://github.com/glennrp/libpng/commit/1bef8e97995c33123665582e57d3ed40b57d5978">https://github.com/glennrp/libpng/commit/1bef8e97995c33123665582e57d3ed40b57d5978</a> <a href="https://github.com/glennrp/libpng/commit/83f4c735c88e7f451541c1528d8043c31ba3b466">https://github.com/glennrp/libpng/commit/83f4c735c88e7f451541c1528d8043c31ba3b466</a> <a href="https://github.com/glennrp/libpng/commit/9f2ad4928e47036cf1ac9b8fe45a491f15be2324">https://github.com/glennrp/libpng/commit/9f2ad4928e47036cf1ac9b8fe45a491f15be2324</a> CVE assignment: <a href="http://seclists.org/oss-sec/2015/q4/264">http://seclists.org/oss-sec/2015/q4/264</a>
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/java | <1.7.0-oracle-1:1.7.0.95-1jpp.1.el5_11 | 1.7.0-oracle-1:1.7.0.95-1jpp.1.el5_11 |
redhat/java | <1.6.0-sun-1:1.6.0.111-1jpp.3.el5_11 | 1.6.0-sun-1:1.6.0.111-1jpp.3.el5_11 |
redhat/java | <1.8.0-oracle-1:1.8.0.71-1jpp.1.el6_7 | 1.8.0-oracle-1:1.8.0.71-1jpp.1.el6_7 |
redhat/java | <1.7.0-oracle-1:1.7.0.95-1jpp.1.el6_7 | 1.7.0-oracle-1:1.7.0.95-1jpp.1.el6_7 |
redhat/java | <1.6.0-sun-1:1.6.0.111-1jpp.3.el6_7 | 1.6.0-sun-1:1.6.0.111-1jpp.3.el6_7 |
redhat/java | <1.8.0-oracle-1:1.8.0.71-1jpp.1.el7 | 1.8.0-oracle-1:1.8.0.71-1jpp.1.el7 |
redhat/java | <1.7.0-oracle-1:1.7.0.95-1jpp.2.el7 | 1.7.0-oracle-1:1.7.0.95-1jpp.2.el7 |
redhat/java | <1.6.0-sun-1:1.6.0.111-1jpp.1.el7 | 1.6.0-sun-1:1.6.0.111-1jpp.1.el7 |
redhat/java | <1.7.0-ibm-1:1.7.0.9.30-1jpp.1.el5 | 1.7.0-ibm-1:1.7.0.9.30-1jpp.1.el5 |
redhat/java | <1.6.0-ibm-1:1.6.0.16.20-1jpp.1.el5 | 1.6.0-ibm-1:1.6.0.16.20-1jpp.1.el5 |
redhat/libpng | <2:1.2.49-2.el6_7 | 2:1.2.49-2.el6_7 |
redhat/java | <1.7.1-ibm-1:1.7.1.3.30-1jpp.2.el6_7 | 1.7.1-ibm-1:1.7.1.3.30-1jpp.2.el6_7 |
redhat/java | <1.6.0-ibm-1:1.6.0.16.20-1jpp.1.el6_7 | 1.6.0-ibm-1:1.6.0.16.20-1jpp.1.el6_7 |
redhat/libpng12 | <0:1.2.50-7.el7_2 | 0:1.2.50-7.el7_2 |
redhat/libpng | <2:1.5.13-7.el7_2 | 2:1.5.13-7.el7_2 |
redhat/java | <1.8.0-ibm-1:1.8.0.2.10-1jpp.1.el7 | 1.8.0-ibm-1:1.8.0.2.10-1jpp.1.el7 |
redhat/java | <1.7.1-ibm-1:1.7.1.3.30-1jpp.1.el7 | 1.7.1-ibm-1:1.7.1.3.30-1jpp.1.el7 |
redhat/java | <1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5 | 1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5 |
redhat/java | <1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7 | 1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7 |
redhat/spacewalk-java | <0:2.0.2-109.el6 | 0:2.0.2-109.el6 |
redhat/spacewalk-java | <0:2.3.8-146.el6 | 0:2.3.8-146.el6 |
libp2p | <1.0.64 | |
libp2p | >=1.1.1<1.2.54 | |
libp2p | >=1.3.0<1.4.17 | |
libp2p | >=1.5.0<1.5.24 | |
libp2p | >=1.6.0<1.6.19 | |
Red Hat Fedora | =21 | |
Red Hat Fedora | =22 | |
Red Hat Fedora | =23 | |
SUSE Linux | =42.1 | |
openSUSE | =13.1 | |
openSUSE | =13.2 | |
SUSE Linux Enterprise Desktop | =11-sp3 | |
SUSE Linux Enterprise Desktop | =11-sp4 | |
SUSE Linux Enterprise Desktop | =12 | |
SUSE Linux Enterprise Desktop | =12-sp1 | |
SUSE Linux Enterprise Server | =12 | |
SUSE Linux Enterprise Server | =12-sp1 | |
Debian Linux | =7.0 | |
Debian Linux | =8.0 | |
Debian Linux | =9.0 | |
Red Hat Satellite | =5.7 | |
Red Hat Enterprise Linux Desktop | =6.0 | |
Red Hat Enterprise Linux Desktop | =7.0 | |
Red Hat Enterprise Linux Server EUS | =6.7 | |
Red Hat Enterprise Linux Server EUS | =7.2 | |
Red Hat Enterprise Linux Server EUS | =7.3 | |
Red Hat Enterprise Linux Server EUS | =7.4 | |
Red Hat Enterprise Linux Server EUS | =7.5 | |
Red Hat Enterprise Linux Server EUS | =7.6 | |
Red Hat Enterprise Linux Server EUS | =7.7 | |
Red Hat Enterprise Linux Server | =6.0 | |
Red Hat Enterprise Linux Server | =7.0 | |
Red Hat Enterprise Linux Server | =7.2 | |
Red Hat Enterprise Linux Server | =7.3 | |
Red Hat Enterprise Linux Server | =7.4 | |
Red Hat Enterprise Linux Server | =7.6 | |
Red Hat Enterprise Linux Server | =7.7 | |
Red Hat Enterprise Linux Server | =7.2 | |
Red Hat Enterprise Linux Server | =7.3 | |
Red Hat Enterprise Linux Server | =7.6 | |
Red Hat Enterprise Linux Server | =7.7 | |
Red Hat Enterprise Linux Workstation | =6.0 | |
Red Hat Enterprise Linux Workstation | =7.0 | |
Red Hat Satellite | =5.6 | |
Red Hat Enterprise Linux | =5.0 | |
Red Hat Enterprise Linux | =6.0 | |
Oracle Java SE 7 | =1.6.0-update105 | |
Oracle Java SE 7 | =1.7.0-update91 | |
Oracle Java SE 7 | =1.8.0-update65 | |
Oracle Java SE 7 | =1.8.0-update66 | |
Oracle JRE | =1.6.0-update105 | |
Oracle JRE | =1.7.0-update91 | |
Oracle JRE | =1.8.0-update65 | |
Oracle JRE | =1.8.0-update66 | |
Oracle Linux | =6 | |
Oracle Linux | =7 | |
Oracle Solaris and Zettabyte File System (ZFS) | =11.3 | |
Apple iOS and macOS | <10.11.4 | |
Ubuntu | =12.04 | |
Ubuntu | =14.04 | |
Ubuntu | =15.04 | |
Ubuntu | =15.10 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Appears in the following advisories)
CVE-2015-8126 has a moderate severity level due to its potential to cause denial of service and unspecified impacts.
To fix CVE-2015-8126, update affected software packages to the remedied versions specified in the vulnerability advisory.
CVE-2015-8126 affects various versions of the Java SDK and libpng across multiple operating systems.
Yes, CVE-2015-8126 allows remote attackers to exploit buffer overflow vulnerabilities, potentially leading to crashes.
In the context of CVE-2015-8126, a buffer overflow occurs when the png_get_PLTE and png_set_PLTE functions do not check for out-of-range palette data, which can lead to application instability.