Project

General

Profile

Bug #6776

lcms2: Out-of-bounds read in Type_MLU_Read() (CVE-2016-10165)

Added by Alicha CH over 2 years ago. Updated over 2 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
Security
Target version:
-
Start date:
01/31/2017
Due date:
% Done:

100%

Estimated time:
(Total: 0.00 h)
Affected versions:
Security IDs:

Description

An out-of-bounds read in cmstypes.c in Type_MLU_Read function was found, leading to heap memory leak triggered by crafted ICC profile.

Patch:

https://github.com/mm2/Little-CMS/commit/5ca71a7bc18b6897ab21d815d15e218e204581e2

Reference:

http://seclists.org/oss-sec/2016/q3/288


Subtasks

Bug #6777: [3.6] lcms2: Out-of-bounds read in Type_MLU_Read() (CVE-2016-10165)ClosedNatanael Copa

Bug #6778: [3.5] lcms2: Out-of-bounds read in Type_MLU_Read() (CVE-2016-10165)ClosedNatanael Copa

Bug #6779: [3.4] lcms2: Out-of-bounds read in Type_MLU_Read() (CVE-2016-10165)ClosedNatanael Copa

Bug #6780: [3.3] lcms2: Out-of-bounds read in Type_MLU_Read() (CVE-2016-10165)ClosedNatanael Copa

Bug #6781: [3.2] lcms2: Out-of-bounds read in Type_MLU_Read() (CVE-2016-10165)ClosedNatanael Copa

History

#1 Updated by Alicha CH over 2 years ago

  • Project changed from Alpine Security to Alpine Linux
  • Category set to Security
  • Status changed from New to Closed

Also available in: Atom PDF