CVE-2016-6132
published 2016-08-12CVE-2016-6132: The gdImageCreateFromTgaCtx function in the GD Graphics Library (aka libgd) before 2.2.3 allows remote attackers to cause a denial of service (out-of-bounds…
PriorityP427medium6.5CVSS 3.0
AVNACLPRNUIRSUCNINAH
EPSS
3.27%
86.9th percentile
The gdImageCreateFromTgaCtx function in the GD Graphics Library (aka libgd) before 2.2.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA file.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | libgd2 | < libgd2 2.2.2-29-g3c2b605-1 (bookworm) | libgd2 2.2.2-29-g3c2b605-1 (bookworm) |
| libgd | libgd | <= 2.2.2 | — |
| opensuse | leap | — | — |
CVSS provenance
nvdv3.06.5MEDIUMCVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:N/I:N/A:P
osv6.5MEDIUM
vendor_debian6.5MEDIUM
vendor_redhat6.5MEDIUM
vendor_ubuntu6.5MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-p2gq-f8g2-6936: The gdImageCreateFromTgaCtx function in the GD Graphics Library (aka libgd) before 2
ghsa_unreviewed·2022-05-14
CVE-2016-6132 [MEDIUM] CWE-125 GHSA-p2gq-f8g2-6936: The gdImageCreateFromTgaCtx function in the GD Graphics Library (aka libgd) before 2
The gdImageCreateFromTgaCtx function in the GD Graphics Library (aka libgd) before 2.2.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA file.
OSV
CVE-2016-6132: The gdImageCreateFromTgaCtx function in the GD Graphics Library (aka libgd) before 2
osv·2016-08-12·CVSS 6.5
CVE-2016-6132 [MEDIUM] CVE-2016-6132: The gdImageCreateFromTgaCtx function in the GD Graphics Library (aka libgd) before 2
The gdImageCreateFromTgaCtx function in the GD Graphics Library (aka libgd) before 2.2.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA file.
OSV
libgd2 vulnerabilities
osv·2016-08-10·CVSS 6.5
CVE-2016-6132 [MEDIUM] libgd2 vulnerabilities
libgd2 vulnerabilities
It was discovered that the GD library incorrectly handled certain malformed
TGA images. If a user or automated system were tricked into processing a
specially crafted TGA image, an attacker could cause a denial of service.
(CVE-2016-6132, CVE-2016-6214)
It was discovered that the GD library incorrectly handled memory when using
gdImageScale(). A remote attacker could possibly use this issue to cause a
denial of service or possibly execute arbitrary code. (CVE-2016-6207)
Ubuntu
GD library vulnerabilities
vendor_ubuntu·2016-08-10·CVSS 6.5
CVE-2016-6132 [MEDIUM] GD library vulnerabilities
Title: GD library vulnerabilities
Summary: The GD library could be made to crash or run programs if it processed a
specially crafted image file.
It was discovered that the GD library incorrectly handled certain malformed
TGA images. If a user or automated system were tricked into processing a
specially crafted TGA image, an attacker could cause a denial of service.
(CVE-2016-6132, CVE-2016-6214)
It was discovered that the GD library incorrectly handled memory when using
gdImageScale(). A remote attacker could possibly use this issue to cause a
denial of service or possibly execute arbitrary code. (CVE-2016-6207)
Instructions: In general, a standard system update will make all the necessary changes.
Red Hat
gd: Buffer over-read issue when parsing crafted TGA file
vendor_redhat·2016-06-30·CVSS 6.5
CVE-2016-6132 [MEDIUM] CWE-130 gd: Buffer over-read issue when parsing crafted TGA file
gd: Buffer over-read issue when parsing crafted TGA file
The gdImageCreateFromTgaCtx function in the GD Graphics Library (aka libgd) before 2.2.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA file.
Package: gd (Red Hat Enterprise Linux 5) - Not affected
Package: libwmf (Red Hat Enterprise Linux 5) - Not affected
Package: php53 (Red Hat Enterprise Linux 5) - Not affected
Package: gd (Red Hat Enterprise Linux 6) - Not affected
Package: libwmf (Red Hat Enterprise Linux 6) - Not affected
Package: gd (Red Hat Enterprise Linux 7) - Not affected
Package: libwmf (Red Hat Enterprise Linux 7) - Not affected
Package: gd (Red Hat OpenShift Enterprise 2) - Not affected
Package: php54-php (Red Hat Software Collections) - Not affected
Package: php5
Debian
CVE-2016-6132: libgd2 - The gdImageCreateFromTgaCtx function in the GD Graphics Library (aka libgd) befo...
vendor_debian·2016·CVSS 6.5
CVE-2016-6132 [MEDIUM] CVE-2016-6132: libgd2 - The gdImageCreateFromTgaCtx function in the GD Graphics Library (aka libgd) befo...
The gdImageCreateFromTgaCtx function in the GD Graphics Library (aka libgd) before 2.2.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA file.
Scope: local
bookworm: resolved (fixed in 2.2.2-29-g3c2b605-1)
bullseye: resolved (fixed in 2.2.2-29-g3c2b605-1)
forky: resolved (fixed in 2.2.2-29-g3c2b605-1)
sid: resolved (fixed in 2.2.2-29-g3c2b605-1)
trixie: resolved (fixed in 2.2.2-29-g3c2b605-1)
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2016-6214 gd: Buffer over-read issue when parsing crafted TGA file
bugzilla·2016-07-14·CVSS 6.5
CVE-2016-6214 [MEDIUM] CVE-2016-6214 gd: Buffer over-read issue when parsing crafted TGA file
CVE-2016-6214 gd: Buffer over-read issue when parsing crafted TGA file
An out-of-bounds heap read vulnerability was found in latest revision of libgd when parsing specially crafted TGA file. This is not a duplicate of CVE-2016-6132.
CVE request:
http://seclists.org/oss-sec/2016/q3/55
Upstream bug report:
https://github.com/libgd/libgd/issues/247#issuecomment-232084241
Discussion:
Created gd tracking bugs for this issue:
Affects: fedora-all [bug 1356467]
---
Closing as NOTABUG due to:
https://bugzilla.redhat.com/show_bug.cgi?id=1352544#c2
Bugzilla
CVE-2016-6132 gd: Buffer over-read issue when parsing crafted TGA file
bugzilla·2016-07-04·CVSS 6.5
CVE-2016-6132 [MEDIUM] CVE-2016-6132 gd: Buffer over-read issue when parsing crafted TGA file
CVE-2016-6132 gd: Buffer over-read issue when parsing crafted TGA file
An out-of-bounds heap read vulnerability was found in latest revision of libgd (a6a0e7f) when parsing specially crafted TARGA file.
Upstream bug:
https://github.com/libgd/libgd/issues/247
CVE assignment:
http://seclists.org/oss-sec/2016/q2/636
Discussion:
Created gd tracking bugs for this issue:
Affects: fedora-all [bug 1352548]
---
gd releases prior to 2.1 did not include .TGA format support and so are not affected by this flaw.
This includes RHEL 5,6,7 and Openshift packages.
Note that the git repository's tag history is misleading in this respect - examine SRPMs to verify.
---
confirmed packages embedding gd including RHSCL variants are not affected, for the same reason as rhel-*/gd
Bugzilla
CVE-2016-6132 gd: Buffer over-read issue when parsing crafted TGA file [fedora-all]
bugzilla·2016-07-04·CVSS 6.5
CVE-2016-6132 [MEDIUM] CVE-2016-6132 gd: Buffer over-read issue when parsing crafted TGA file [fedora-all]
CVE-2016-6132 gd: Buffer over-read issue when parsing crafted TGA file [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of Fedora.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supported versio
http://lists.opensuse.org/opensuse-updates/2016-08/msg00086.htmlhttp://lists.opensuse.org/opensuse-updates/2016-09/msg00078.htmlhttp://www.debian.org/security/2016/dsa-3619http://www.openwall.com/lists/oss-security/2016/06/30/10http://www.openwall.com/lists/oss-security/2016/06/30/6http://www.securityfocus.com/bid/91520http://www.ubuntu.com/usn/USN-3060-1https://github.com/libgd/libgd/issues/247https://libgd.github.io/release-2.2.3.htmlhttps://security.gentoo.org/glsa/201612-09http://lists.opensuse.org/opensuse-updates/2016-08/msg00086.htmlhttp://lists.opensuse.org/opensuse-updates/2016-09/msg00078.htmlhttp://www.debian.org/security/2016/dsa-3619http://www.openwall.com/lists/oss-security/2016/06/30/10http://www.openwall.com/lists/oss-security/2016/06/30/6http://www.securityfocus.com/bid/91520http://www.ubuntu.com/usn/USN-3060-1https://github.com/libgd/libgd/issues/247https://libgd.github.io/release-2.2.3.htmlhttps://security.gentoo.org/glsa/201612-09
2016-08-12
Published