Debian Libgig vulnerabilities

CVE-2021-32294 [HIGH] CVE-2021-32294: libgig - An issue was discovered in libgig through 20200507. A heap-buffer-overflow exist... An issue was discovered in libgig through 20200507. A heap-buffer-overflow exists in the function RIFF::List::GetSubList located in RIFF.cpp. It allows an attacker to cause code Execution. Scope: local bookworm: open bullseye: open forky: open sid: open trixie: open

CVE-2018-18193 [HIGH] CVE-2018-18193: libgig - An issue was discovered in libgig 4.1.0. There is operator new[] failure (due to... An issue was discovered in libgig 4.1.0. There is operator new[] failure (due to a big pWavePoolTable heap request) in DLS::File::File in DLS.cpp. Scope: local bookworm: open bullseye: open forky: open sid: open trixie: open

CVE-2018-18194 [HIGH] CVE-2018-18194: libgig - An issue was discovered in libgig 4.1.0. There is a heap-based buffer over-read ... An issue was discovered in libgig 4.1.0. There is a heap-based buffer over-read in DLS::Region::GetSample() in DLS.cpp. Scope: local bookworm: open bullseye: open forky: open sid: open trixie: open

CVE-2018-14456 [HIGH] CVE-2018-14456: libgig - An issue was discovered in libgig 4.1.0. There is an out-of-bounds write in the ... An issue was discovered in libgig 4.1.0. There is an out-of-bounds write in the function DLS::Info::SaveString in DLS.cpp. Scope: local bookworm: open bullseye: open forky: open sid: open trixie: open

CVE-2018-14454 [HIGH] CVE-2018-14454: libgig - An issue was discovered in libgig 4.1.0. There is an out-of-bounds read in the f... An issue was discovered in libgig 4.1.0. There is an out-of-bounds read in the function RIFF::Chunk::Read in RIFF.cpp. Scope: local bookworm: open bullseye: open forky: open sid: open trixie: open

CVE-2018-18197 [CRITICAL] CVE-2018-18197: libgig - An issue was discovered in libgig 4.1.0. There is an operator new[] failure (due... An issue was discovered in libgig 4.1.0. There is an operator new[] failure (due to a big pSampleLoops heap request) in DLS::Sampler::Sampler in DLS.cpp. Scope: local bookworm: open bullseye: open forky: open sid: open trixie: open

CVE-2018-18195 [MEDIUM] CVE-2018-18195: libgig - An issue was discovered in libgig 4.1.0. There is an FPE (divide-by-zero error) ... An issue was discovered in libgig 4.1.0. There is an FPE (divide-by-zero error) in DLS::Sample::Sample in DLS.cpp. Scope: local bookworm: open bullseye: open forky: open sid: open trixie: open

CVE-2018-14457 [HIGH] CVE-2018-14457: libgig - An issue was discovered in libgig 4.1.0. There is an out-of-bounds write in the ... An issue was discovered in libgig 4.1.0. There is an out-of-bounds write in the function DLS::Info::UpdateChunks in DLS.cpp. Scope: local bookworm: open bullseye: open forky: open sid: open trixie: open

CVE-2018-14452 [HIGH] CVE-2018-14452: libgig - An issue was discovered in libgig 4.1.0. There is an out-of-bounds read in the "... An issue was discovered in libgig 4.1.0. There is an out-of-bounds read in the "always assign the sample of the first dimension region of this region" feature of the function gig::Region::UpdateChunks in gig.cpp. Scope: local bookworm: open bullseye: open forky: open sid: open trixie: open

CVE-2018-18192 [MEDIUM] CVE-2018-18192: libgig - An issue was discovered in libgig 4.1.0. There is a NULL pointer dereference in ... An issue was discovered in libgig 4.1.0. There is a NULL pointer dereference in the function DLS::File::GetFirstSample() in DLS.cpp. Scope: local bookworm: open bullseye: open forky: open sid: open trixie: open

CVE-2018-14453 [HIGH] CVE-2018-14453: libgig - An issue was discovered in libgig 4.1.0. There is a heap-based buffer overflow i... An issue was discovered in libgig 4.1.0. There is a heap-based buffer overflow in pData[1] access in the function store16 in helper.h. Scope: local bookworm: open bullseye: open forky: open sid: open trixie: open

CVE-2018-14450 [HIGH] CVE-2018-14450: libgig - An issue was discovered in libgig 4.1.0. There is an out-of-bounds read in the "... An issue was discovered in libgig 4.1.0. There is an out-of-bounds read in the "update dimension region's chunks" feature of the function gig::Region::UpdateChunks in gig.cpp. Scope: local bookworm: open bullseye: open forky: open sid: open trixie: open

CVE-2018-18196 [HIGH] CVE-2018-18196: libgig - An issue was discovered in libgig 4.1.0. There is a heap-based buffer over-read ... An issue was discovered in libgig 4.1.0. There is a heap-based buffer over-read in RIFF::List::GetListTypeString in RIFF.cpp. Scope: local bookworm: open bullseye: open forky: open sid: open trixie: open

CVE-2018-14458 [HIGH] CVE-2018-14458: libgig - An issue was discovered in libgig 4.1.0. There is a heap-based buffer overflow i... An issue was discovered in libgig 4.1.0. There is a heap-based buffer overflow in pData[1] access in the function store32 in helper.h. Scope: local bookworm: open bullseye: open forky: open sid: open trixie: open

CVE-2018-14459 [HIGH] CVE-2018-14459: libgig - An issue was discovered in libgig 4.1.0. There is an out-of-bounds write in pDat... An issue was discovered in libgig 4.1.0. There is an out-of-bounds write in pData[0] access in the function store16 in helper.h. Scope: local bookworm: open bullseye: open forky: open sid: open trixie: open

CVE-2018-14455 [HIGH] CVE-2018-14455: libgig - An issue was discovered in libgig 4.1.0. There is an out-of-bounds write in pDat... An issue was discovered in libgig 4.1.0. There is an out-of-bounds write in pData[0] access in the function store32 in helper.h. Scope: local bookworm: open bullseye: open forky: open sid: open trixie: open

CVE-2018-14449 [HIGH] CVE-2018-14449: libgig - An issue was discovered in libgig 4.1.0. There is an out of bounds read in gig::... An issue was discovered in libgig 4.1.0. There is an out of bounds read in gig::File::UpdateChunks in gig.cpp. Scope: local bookworm: open bullseye: open forky: open sid: open trixie: open

CVE-2018-14451 [HIGH] CVE-2018-14451: libgig - An issue was discovered in libgig 4.1.0. There is a heap-based buffer overflow i... An issue was discovered in libgig 4.1.0. There is a heap-based buffer overflow in the function RIFF::Chunk::Read in RIFF.cpp. Scope: local bookworm: open bullseye: open forky: open sid: open trixie: open

CVE-2017-12951 [MEDIUM] CVE-2017-12951: libgig - The gig::DimensionRegion::CreateVelocityTable function in gig.cpp in libgig 4.0.... The gig::DimensionRegion::CreateVelocityTable function in gig.cpp in libgig 4.0.0 allows remote attackers to cause a denial of service (stack-based buffer over-read and application crash) via a crafted gig file. Scope: local bookworm: resolved (fixed in 4.0.0-5) bullseye: resolved (fixed in 4.0.0-5) forky: resolved (fixed in 4.0.0-5) sid: resolved (fixed in 4.0.0-5

CVE-2017-12952 [MEDIUM] CVE-2017-12952: libgig - The LoadString function in helper.h in libgig 4.0.0 allows remote attackers to c... The LoadString function in helper.h in libgig 4.0.0 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted gig file. Scope: local bookworm: resolved (fixed in 4.0.0-4) bullseye: resolved (fixed in 4.0.0-4) forky: resolved (fixed in 4.0.0-4) sid: resolved (fixed in 4.0.0-4) trixie: resolved (fixed in 4.0.0