First published: Wed Dec 09 2015
The libpng12 packages contain a library of functions for creating and manipulating PNG (Portable Network Graphics) image format files.

It was discovered that the png_get_PLTE() and png_set_PLTE() functions of libpng did not correctly calculate the maximum palette size for bit depths of less than 8: they enforced only the PNG-wide cap of 256 entries, not the 2^bit_depth entries that a 1-, 2- or 4-bit palette image can actually index. An application that sized its own palette buffer correctly from the bit depth, and then exchanged palette data with libpng through these functions, could therefore suffer a buffer overflow or out-of-bounds read when a crafted image carried more entries than that buffer holds. An attacker could exploit this to cause a crash or potentially execute arbitrary code by tricking an unsuspecting user into processing a specially crafted PNG image. The exact impact depends on the application using the library and on how it allocates and consumes palette data. (CVE-2015-8126, CVE-2015-8472)

An array-indexing error was discovered in the png_convert_to_rfc1123() function of libpng. An attacker could possibly use this flaw to cause an out-of-bounds read by tricking an unsuspecting user into processing a specially crafted PNG image. (CVE-2015-7981)

All libpng12 users are advised to upgrade to these updated packages, which contain backported patches to correct these issues.
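The following is an added illustration of the palette-size mismatch described above; it is not libpng code and does not reproduce the patched functions. It contrasts a lax entry-count check that stops at the 256-entry PNG cap with a strict one that also honours the bit depth, and shows what happens when a constructed PLTE chunk declaring 256 entries meets an application buffer correctly sized for a 1-bit image. The function names, the constructed chunk length and the "application buffer" are assumptions made for the example; the 256 cap, the 3-bytes-per-entry PLTE layout and the 2^bit_depth limit are from the PNG specification.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define PNG_MAX_PALETTE_LENGTH 256   /* spec-wide hard cap on PLTE entries */

typedef struct { uint8_t r, g, b; } rgb_t;

/* Largest palette a colour-type-3 image of this bit depth can index:
 * bit depths 1, 2 and 4 give 2, 4 and 16 entries; 8 gives 256. */
size_t palette_max_entries(int bit_depth)
{
    if (bit_depth < 8)
        return (size_t)1 << bit_depth;
    return PNG_MAX_PALETTE_LENGTH;
}

/* Number of entries encoded by a PLTE chunk of chunk_len bytes (3 bytes per
 * entry); 0 signals a malformed length that is not a multiple of 3. */
size_t plte_entry_count(uint32_t chunk_len)
{
    return (chunk_len % 3 == 0) ? chunk_len / 3 : 0;
}

/* Lax check (illustrative, modelled on the behaviour the advisory describes):
 * only the spec-wide cap is enforced, so a 1-bit image may carry 256 entries. */
int plte_entries_ok_lax(size_t num_entries)
{
    return num_entries >= 1 && num_entries <= PNG_MAX_PALETTE_LENGTH;
}

/* Strict check (illustrative): the cap is also bounded by the bit depth. */
int plte_entries_ok_strict(int bit_depth, size_t num_entries)
{
    return num_entries >= 1 && num_entries <= palette_max_entries(bit_depth);
}

/* Application side: copy num_entries into a buffer the caller sized from the
 * bit depth. Returns the count copied, or -1 rather than writing past dst. */
long copy_palette(rgb_t *dst, size_t dst_entries, const rgb_t *src, size_t num_entries)
{
    if (num_entries > dst_entries)
        return -1;
    for (size_t i = 0; i < num_entries; i++)
        dst[i] = src[i];
    return (long)num_entries;
}

/* How many entries the lax path would write beyond an application buffer
 * sized for bit_depth, for a PLTE chunk of chunk_len bytes; 0 means no overrun. */
size_t lax_overflow_entries(int bit_depth, uint32_t chunk_len)
{
    size_t n = plte_entry_count(chunk_len);
    if (!plte_entries_ok_lax(n))
        return 0;                         /* rejected before any copy */
    size_t cap = palette_max_entries(bit_depth);
    return n > cap ? n - cap : 0;
}

/* Result of a bounds-checked copy into a buffer sized from bit_depth. */
long checked_copy_result(int bit_depth, uint32_t chunk_len)
{
    rgb_t src[PNG_MAX_PALETTE_LENGTH] = {{0, 0, 0}};   /* constructed palette data */
    rgb_t dst[PNG_MAX_PALETTE_LENGTH];
    return copy_palette(dst, palette_max_entries(bit_depth), src,
                        plte_entry_count(chunk_len));
}

int main(void)
{
    /* Constructed case: a 1-bit image whose PLTE declares 256 entries (768 bytes). */
    int bit_depth = 1;
    uint32_t chunk_len = 768;
    size_t n = plte_entry_count(chunk_len);

    printf("entries declared: %zu, buffer sized for bit depth %d: %zu\n",
           n, bit_depth, palette_max_entries(bit_depth));
    printf("lax check accepts: %d, strict check accepts: %d\n",
           plte_entries_ok_lax(n), plte_entries_ok_strict(bit_depth, n));
    printf("lax path would overrun the buffer by %zu entries\n",
           lax_overflow_entries(bit_depth, chunk_len));
    printf("bounds-checked copy result: %ld\n",
           checked_copy_result(bit_depth, chunk_len));
    return 0;
}
```

The point of the two checks side by side is that the lax one is internally consistent (256 is a valid palette length) and only becomes dangerous when paired with a caller that trusts the bit depth, which is exactly the combination the advisory describes. The bounds-checked copy shows the application-side defence that remains useful even after the library is patched.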
Affected Software | Affected Version | Fixed Version |
---|---|---|
redhat/libpng12 | <1.2.50-7.el7_2 | 1.2.50-7.el7_2 |
redhat/libpng12-debuginfo | <1.2.50-7.el7_2 | 1.2.50-7.el7_2 |
redhat/libpng12-devel | <1.2.50-7.el7_2 | 1.2.50-7.el7_2 |
The severity of RHSA-2015:2595 is classified as Important.
To fix RHSA-2015:2595, update the libpng12, libpng12-devel and libpng12-debuginfo packages to version 1.2.50-7.el7_2.
RHSA-2015:2595 affects Red Hat Enterprise Linux 7 systems running libpng12 package versions prior to 1.2.50-7.el7_2.
RHSA-2015:2595 addresses a palette-size miscalculation in the png_get_PLTE() and png_set_PLTE() functions of libpng (CVE-2015-8126, CVE-2015-8472) and an array-indexing error in png_convert_to_rfc1123() (CVE-2015-7981).
Systems that keep running a libpng12 version older than 1.2.50-7.el7_2 remain exposed to these flaws through any application that decodes untrusted PNG images; after updating, restart processes that have the old library loaded so they pick up the fixed copy.