CVE-2007-2756 — Infinite Loop in Libgd

CWE-835 — Infinite Loop7 documents7 sources

Severity

4.3MEDIUMNVD

EPSS

6.8%

top 8.63%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Debian Libgd2 Libgd

Timeline

PublishedMay 18

Latest updateMay 1

Description

The gdPngReadData function in libgd 2.0.34 allows user-assisted attackers to cause a denial of service (CPU consumption) via a crafted PNG image with truncated data, which causes an infinite loop in the png_read_info function in libpng.

CVSS vector

AV:N/AC:M/C:N/I:N/A:PExploitability: 8.6 | Impact: 2.9

Affected Packages2 packages

▶debiandebian/libgd2< libgd2 2.0.35.dfsg-1 (bookworm)

▶NVDlibgd/libgd2.0.34

Patches

Patch: bugs.libgd.org ↗Patch: bugs.libgd.org ↗

🔴Vulnerability Details

GHSA

GHSA-2rm4-pxv9-x75c: The gdPngReadData function in libgd 2↗2022-05-01

▶

OSV

CVE-2007-2756: The gdPngReadData function in libgd 2↗2007-05-18

▶

📋Vendor Advisories

Ubuntu

libgd2 vulnerabilities↗2007-06-12

▶

Red Hat

gd / php-gd ImageCreateFromPng infinite loop caused by truncated PNG↗2007-05-16

▶

Debian

CVE-2007-2756: libgd2 - The gdPngReadData function in libgd 2.0.34 allows user-assisted attackers to cau...↗2007

▶

💬Community

Bugzilla

CVE-2007-2756 gd / php-gd ImageCreateFromPng infinite loop caused by truncated PNG↗2007-06-01

▶