Double free error in gd (Alpine package)

1) Double free error

EUVDB-ID: #VU14596

Risk: High

CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-1000222

CWE-ID: CWE-415 - Double Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to double free memory error. A remote unauthenticated attacker can trick the victim into jpeg image, trigger memory corruption and execute arbitrary code with elevated privileges.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

gd (Alpine package): 2.2.5-r0

External links

http://git.alpinelinux.org/aports/commit/?id=3deb517cec296a32e5b25f1a75a48c2026a44af4
http://git.alpinelinux.org/aports/commit/?id=aad758e364da9a69d0d519b619cc6eb2c7d150f8
http://git.alpinelinux.org/aports/commit/?id=451ff1929d8530ffbceb863acaeb212e545c3080
http://git.alpinelinux.org/aports/commit/?id=0b18843792bc3a090f55ce0f51d3f3049ff91f23
http://git.alpinelinux.org/aports/commit/?id=1b9e8e254652655fd729cebdb23661dbfd50bccf
http://git.alpinelinux.org/aports/commit/?id=406fd782d7205c90c4586a1716ec8f6698263dd3
http://git.alpinelinux.org/aports/commit/?id=605bbe11979f48189cc7e5a858e1f1b4784c7667
http://git.alpinelinux.org/aports/commit/?id=c128b589236dc1ca58758abeda2124e078c34767

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.