CVE-2021-40633

CWE-401: Memory Leak | 9 documents | 8 sources
Severity: 8.8 HIGH
EPSS: 0.8% (top 25.78%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline
Published: Jun 14
Latest update: Jun 10

Description

A memory leak (out-of-memory) in gif2rgb in util/gif2rgb.c in giflib 5.1.4 allows remote attackers to trigger an out-of-memory exception or denial of service via a GIF format file.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Exploitability: 2.8 | Impact: 5.9

Affected Packages (3 packages)

Debian | giflib | < 5.2.2-1 (+1)
Ubuntu | giflib | < 5.1.9-1ubuntu0.1 (+3)

🔴 Vulnerability Details (4)

OSV | giflib vulnerabilities | 2024-06-10
GHSA | GHSA-77hm-q3fv-fq9x: A memory leak (out-of-memory) in gif2rgb in util/gif2rgb | 2022-06-15
OSV | CVE-2021-40633: A memory leak (out-of-memory) in gif2rgb in util/gif2rgb | 2022-06-14
CVEList | CVE-2021-40633: A memory leak (out-of-memory) in gif2rgb in util/gif2rgb | 2022-06-14

📋 Vendor Advisories (4)

Ubuntu | GIFLIB vulnerabilities | 2024-06-10
Microsoft | A memory leak (out-of-memory) in gif2rgb in util/gif2rgb.c in giflib 5.1.4 allows remote attackers to trigger an out-of-memory exception or denial of service via a GIF format file. | 2022-06-14
Red Hat | gif2rgb: gif2rgb memory leak | 2022-06-14
Debian | CVE-2021-40633: giflib - A memory leak (out-of-memory) in gif2rgb in util/gif2rgb.c in giflib 5.1.4 allow... | 2021