- Vulnerability/
- USN-4663-1
USN-4663-1: GDK-PixBuf vulnerability
First published: Tue Dec 08 2020(Updated: )
Melvin Kool discovered that the GDK-PixBuf library did not properly handle certain GIF images. If an user or automated system were tricked into opening a specially crafted GIF file, a remote attacker could use this flaw to cause GDK-PixBuf to hang, resulting in a denial of service.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| ubuntu/libgdk-pixbuf2.0-0 | <2.40.0+dfsg-5ubuntu0.1 | 2.40.0+dfsg-5ubuntu0.1 |
| =20.10 | ||
| All of | ||
| ubuntu/libgdk-pixbuf2.0-0 | <2.40.0+dfsg-3ubuntu0.1 | 2.40.0+dfsg-3ubuntu0.1 |
| =20.04 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this GDK-PixBuf vulnerability?
The vulnerability ID for this GDK-PixBuf vulnerability is USN-4663-1.
What is the impact of this vulnerability?
The vulnerability could allow a remote attacker to cause GDK-PixBuf to hang, resulting in a denial of service.
How can I fix this vulnerability?
To fix this vulnerability, update the libgdk-pixbuf2.0-0 package to version 2.40.0+dfsg-5ubuntu0.1 if you are using Ubuntu 20.10, or to version 2.40.0+dfsg-3ubuntu0.1 if you are using Ubuntu 20.04.
Where can I find more information about this vulnerability?
You can find more information about this GDK-PixBuf vulnerability on the Ubuntu Security website and the Ubuntu Launchpad pages.
- agent/description
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/title
- agent/type
- collector/usn
- source/Ubuntu
- agent/software-canonical-lookup
- package-manager/ubuntu
- vendor/ubuntu
- canonical/ubuntu ubuntu
- version/ubuntu ubuntu/20.10
- version/ubuntu ubuntu/20.04