gd: Double free in src/gd_bump.c:gdImageBmpPtr() via crafted JPEG (CVE-2018-1000222)
Libgd version 2.2.5 contains a Double Free Vulnerability vulnerability
in gdImageBmpPtr Function that can result
in Remote Code Execution . This attack appear to be exploitable via
Specially Crafted Jpeg Image can trigger double free.
This vulnerability appears to have been fixed in after commit
ac16bdf2d41724b5a65255d4c28fb0ec46bc42f5.
References:
https://github.com/libgd/libgd/issues/447
https://nvd.nist.gov/vuln/detail/CVE-2018-1000222
Patch:
https://github.com/libgd/libgd/commit/ac16bdf2d41724b5a65255d4c28fb0ec46bc42f5
(from redmine: issue id 9497, created on 2018-10-02, closed on 2018-10-04)
- Relations:
- child #9498 (closed)
- child #9499 (closed)
- child #9500 (closed)
- child #9501 (closed)
- child #9502 (closed)