libvips before 8.7.4 generates output images from uninitialized memory locations when processing corrupted input image data because iofuncs/memory.c does not zero out allocated memory. This can result in leaking raw process memory contents through the output image.
References
Link | Resource |
---|---|
https://blog.silentsignal.eu/2019/04/18/drop-by-drop-bleeding-through-libvips/ | Technical Description Third Party Advisory |
https://github.com/libvips/libvips/commit/00622428bda8d7521db8d74260b519fa41d69d0a | Patch Third Party Advisory |
https://github.com/libvips/libvips/releases/tag/v8.7.4 | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2019-01-26T23:00:00
Updated: 2019-04-24T17:53:45
Reserved: 2019-01-26T00:00:00
Link: CVE-2019-6976
JSON object: View
NVD Information
Status : Analyzed
Published: 2019-01-26T23:29:00.237
Modified: 2023-09-29T11:18:03.783
Link: CVE-2019-6976
JSON object: View
Redhat Information
No data.
CWE