CVE-2017-6313 — Integer Underflow (Wrap or Wraparound) in Gdk-pixbuf
Severity
7.1HIGHNVD
OSV8.8
EPSS
0.4%
top 41.64%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedMar 10
Latest updateMay 13
Description
Integer underflow in the load_resources function in io-icns.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service (out-of-bounds read and program crash) via a crafted image entry size in an ICO file.
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:HExploitability: 1.8 | Impact: 5.2
Affected Packages3 packages
Also affects: Debian Linux 8.0, Fedora 30, 31
Patches
🔴Vulnerability Details
4📋Vendor Advisories
3💬Community
4Bugzilla▶
CVE-2017-6313 CVE-2017-6314 CVE-2017-6312 CVE-2017-6311 gdk-pixbuf2: various flaws [fedora-all]↗2017-02-27
Bugzilla▶
CVE-2017-6313 CVE-2017-6314 CVE-2017-6312 CVE-2017-6311 mingw-gdk-pixbuf: various flaws [epel-7]↗2017-02-27
Bugzilla▶
CVE-2017-6313 CVE-2017-6314 CVE-2017-6312 CVE-2017-6311 mingw-gdk-pixbuf: various flaws [fedora-all]↗2017-02-27