CVE-2018-14553
published 2020-02-11CVE-2018-14553: gdImageClone in gd.c in libgd 2.1.0-rc2 through 2.2.5 has a NULL pointer dereference allowing attackers to crash an application via a specific function call…
PriorityP338high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
EPSS
3.41%
87.4th percentile
gdImageClone in gd.c in libgd 2.1.0-rc2 through 2.2.5 has a NULL pointer dereference allowing attackers to crash an application via a specific function call sequence. Only affects PHP when linked with an external libgd (not bundled).
Affected
10 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| debian | debian_linux | — | — |
| debian | libgd2 | < libgd2 2.3.0-1 (bookworm) | libgd2 2.3.0-1 (bookworm) |
| fedoraproject | fedora | — | — |
| libgd | libgd | — | — |
| libgd | libgd | 2.1.1 – 2.2.5 | — |
| opensuse | leap | — | — |
CVSS provenance
nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:N/I:N/A:P
osv7.5HIGH
vendor_debian7.5LOW
vendor_redhat7.5HIGH
vendor_ubuntu7.5HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-jw3x-9g83-4hvr: gdImageClone in gd
ghsa_unreviewed·2022-05-24
CVE-2018-14553 [MEDIUM] CWE-476 GHSA-jw3x-9g83-4hvr: gdImageClone in gd
gdImageClone in gd.c in libgd 2.1.0-rc2 through 2.2.5 has a NULL pointer dereference allowing atteckers to crash an application via a specific function call sequence.
OSV
libgd2 vulnerabilities
osv·2020-04-02·CVSS 7.5
CVE-2018-14553 [HIGH] libgd2 vulnerabilities
libgd2 vulnerabilities
USN-4316-1 fixed a vulnerability in GD Graphics Library. This update provides
the corresponding update for Ubuntu 14.04 ESM.
Original advisory details:
It was discovered that GD Graphics Library incorrectly handled cloning an
image. An attacker could possibly use this issue to cause GD Graphics Library
to crash, resulting in a denial of service. (CVE-2018-14553)
It was discovered that GD Graphics Library incorrectly handled loading images
from X bitmap format files. An attacker could possibly use this issue to cause
GD Graphics Library to crash, resulting in a denial of service, or to disclose
contents of the stack that has been left there by previous code. (CVE-2019-11038)
OSV
libgd2 vulnerabilities
osv·2020-04-02·CVSS 7.5
CVE-2018-14553 [HIGH] libgd2 vulnerabilities
libgd2 vulnerabilities
It was discovered that GD Graphics Library incorrectly handled cloning an
image. An attacker could possibly use this issue to cause GD Graphics Library
to crash, resulting in a denial of service. (CVE-2018-14553)
It was discovered that GD Graphics Library incorrectly handled loading images
from X bitmap format files. An attacker could possibly use this issue to cause
GD Graphics Library to crash, resulting in a denial of service, or to disclose
contents of the stack that has been left there by previous code. This issue
only affected Ubuntu 18.04 LTS and Ubuntu 16.04 LTS. (CVE-2019-11038)
OSV
CVE-2018-14553: gdImageClone in gd
osv·2020-02-11·CVSS 7.5
CVE-2018-14553 [HIGH] CVE-2018-14553: gdImageClone in gd
gdImageClone in gd.c in libgd 2.1.0-rc2 through 2.2.5 has a NULL pointer dereference allowing attackers to crash an application via a specific function call sequence. Only affects PHP when linked with an external libgd (not bundled).
Ubuntu
GD Graphics Library vulnerabilities
vendor_ubuntu·2020-04-02·CVSS 7.5
CVE-2018-14553 [HIGH] GD Graphics Library vulnerabilities
Title: GD Graphics Library vulnerabilities
Summary: Several security issues were fixed in GD Graphics Library.
It was discovered that GD Graphics Library incorrectly handled cloning an
image. An attacker could possibly use this issue to cause GD Graphics Library
to crash, resulting in a denial of service. (CVE-2018-14553)
It was discovered that GD Graphics Library incorrectly handled loading images
from X bitmap format files. An attacker could possibly use this issue to cause
GD Graphics Library to crash, resulting in a denial of service, or to disclose
contents of the stack that has been left there by previous code. This issue
only affected Ubuntu 18.04 LTS and Ubuntu 16.04 LTS. (CVE-2019-11038)
Instructions: In general, a standard system update will make all the necessary changes.
Ubuntu
GD Graphics Library vulnerabilities
vendor_ubuntu·2020-04-02·CVSS 7.5
CVE-2018-14553 [HIGH] GD Graphics Library vulnerabilities
Title: GD Graphics Library vulnerabilities
Summary: Several security issues were fixed in GD Graphics Library.
USN-4316-1 fixed a vulnerability in GD Graphics Library. This update provides
the corresponding update for Ubuntu 14.04 ESM.
Original advisory details:
It was discovered that GD Graphics Library incorrectly handled cloning an
image. An attacker could possibly use this issue to cause GD Graphics Library
to crash, resulting in a denial of service. (CVE-2018-14553)
It was discovered that GD Graphics Library incorrectly handled loading images
from X bitmap format files. An attacker could possibly use this issue to cause
GD Graphics Library to crash, resulting in a denial of service, or to disclose
contents of the stack that has been left there by previous code. (CVE-2019-11038)
Red Hat
gd: NULL pointer dereference in gdImageClone
vendor_redhat·2019-12-20·CVSS 7.5
CVE-2018-14553 [HIGH] CWE-119 gd: NULL pointer dereference in gdImageClone
gd: NULL pointer dereference in gdImageClone
gdImageClone in gd.c in libgd 2.1.0-rc2 through 2.2.5 has a NULL pointer dereference allowing attackers to crash an application via a specific function call sequence. Only affects PHP when linked with an external libgd (not bundled).
Package: gd (Red Hat Enterprise Linux 5) - Not affected
Package: gd (Red Hat Enterprise Linux 6) - Not affected
Package: gd (Red Hat Enterprise Linux 7) - Not affected
Package: rh-php70-php (Red Hat Software Collections) - Not affected
Package: rh-php71-php (Red Hat Software Collections) - Not affected
Debian
CVE-2018-14553: libgd2 - gdImageClone in gd.c in libgd 2.1.0-rc2 through 2.2.5 has a NULL pointer derefer...
vendor_debian·2018·CVSS 7.5
CVE-2018-14553 [HIGH] CVE-2018-14553: libgd2 - gdImageClone in gd.c in libgd 2.1.0-rc2 through 2.2.5 has a NULL pointer derefer...
gdImageClone in gd.c in libgd 2.1.0-rc2 through 2.2.5 has a NULL pointer dereference allowing attackers to crash an application via a specific function call sequence. Only affects PHP when linked with an external libgd (not bundled).
Scope: local
bookworm: resolved (fixed in 2.3.0-1)
bullseye: resolved (fixed in 2.3.0-1)
forky: resolved (fixed in 2.3.0-1)
sid: resolved (fixed in 2.3.0-1)
trixie: resolved (fixed in 2.3.0-1)
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2018-14553 gd: Null pointer dereference in gdImageClone [fedora-all]
bugzilla·2020-02-12·CVSS 7.5
CVE-2018-14553 [HIGH] CVE-2018-14553 gd: Null pointer dereference in gdImageClone [fedora-all]
CVE-2018-14553 gd: Null pointer dereference in gdImageClone [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supported versions of F
Bugzilla
CVE-2018-14553 gd: NULL pointer dereference in gdImageClone
bugzilla·2018-07-12·CVSS 7.5
CVE-2018-14553 [HIGH] CVE-2018-14553 gd: NULL pointer dereference in gdImageClone
CVE-2018-14553 gd: NULL pointer dereference in gdImageClone
A flaw was found in gd as shipped with Fedora. Cloning a image with style "attached", triggers a NULL pointer dereference in 'gdImageClone' leading to denial of service.
Affected versions:
gd-2.2.5
gd-2.2.4
gd-2.2.3
gd-2.2.2
gd-2.2.1
gd-2.2.0
gd-2.1.1
gd-2.1.0
gd-2.1.0-rc2
References:
https://bugzilla.redhat.com/show_bug.cgi?id=1599032
Discussion:
Upstream commit:
https://github.com/fcabralpacheco/libgd/commit/441cbfed60ebf6cb63b8ce120ed0a82b15e7aaf8
Upstream pull request:
https://github.com/libgd/libgd/pull/580
---
Created gd tracking bugs for this issue:
Affects: fedora-all [bug 1802087]
---
Already fix here:
https://bugzilla.redhat.com/show_bug.cgi?id=1599032
All builds in stable:
https://bodhi.fedoraproject.org
http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00020.htmlhttps://bugzilla.redhat.com/show_bug.cgi?id=1599032https://github.com/libgd/libgd/commit/a93eac0e843148dc2d631c3ba80af17e9c8c860fhttps://github.com/libgd/libgd/pull/580https://lists.debian.org/debian-lts-announce/2020/02/msg00014.htmlhttps://lists.debian.org/debian-lts-announce/2024/04/msg00003.htmlhttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CZ2QADQTKRHTGB2AHD7J4QQNDLBEMM6/https://usn.ubuntu.com/4316-1/https://usn.ubuntu.com/4316-2/http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00020.htmlhttps://bugzilla.redhat.com/show_bug.cgi?id=1599032https://github.com/libgd/libgd/commit/a93eac0e843148dc2d631c3ba80af17e9c8c860fhttps://github.com/libgd/libgd/pull/580https://lists.debian.org/debian-lts-announce/2020/02/msg00014.htmlhttps://lists.debian.org/debian-lts-announce/2024/04/msg00003.htmlhttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CZ2QADQTKRHTGB2AHD7J4QQNDLBEMM6/https://usn.ubuntu.com/4316-1/https://usn.ubuntu.com/4316-2/
2020-02-11
Published