Information disclosure in libpng - CVE-2015-7981

Detailed vulnerability description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to excessive data output by the application. A remote attacker can obtain sensitive process memory information via crafted tIME chunk data in an image file, which triggers an out-of-bounds read.

How to mitigate CVE-2015-7981

Sources

• http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172620.html
• http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172647.html
• http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172663.html
• http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00033.html
• http://lists.opensuse.org/opensuse-updates/2015-11/msg00160.html
• http://rhn.redhat.com/errata/RHSA-2015-2594.html
• http://rhn.redhat.com/errata/RHSA-2015-2595.html
• http://sourceforge.net/p/libpng/bugs/241/
• http://sourceforge.net/projects/libpng/files/libpng10/1.0.64/
• http://sourceforge.net/projects/libpng/files/libpng12/1.2.54/
• http://sourceforge.net/projects/libpng/files/libpng14/1.4.17/
• http://www.debian.org/security/2015/dsa-3399
• http://www.openwall.com/lists/oss-security/2015/10/26/1
• http://www.openwall.com/lists/oss-security/2015/10/26/3
• http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html
• http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
• http://www.securityfocus.com/bid/77304
• http://www.securitytracker.com/id/1034393
• http://www.ubuntu.com/usn/USN-2815-1
• https://access.redhat.com/errata/RHSA-2016:1430
• https://security.gentoo.org/glsa/201611-08