Heap-based buffer over-read in Gimp

#VU10662 Heap-based buffer over-read in Gimp

Published: 2018-02-19 | Updated: 2018-02-20

Vulnerability identifier: #VU10662

Vulnerability risk: Low

CVSSv3.1: 6.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C]

CVE-ID: CVE-2017-17786

CWE-ID: CWE-126

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Gimp
Client/Desktop applications / Multimedia software

Vendor: Gimp Team

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to heap-based buffer over-read in ReadImage in plug-ins/common/file-tga.c (related to bgr2rgb.part.1). A remote attacker can supply an unexpected bits-per-pixel value for an RGBA image and perform a denial of service attack.

Mitigation
Install update from vendor's website.

Vulnerable software versions

Gimp: 2.8.22

External links
http://bugzilla.gnome.org/show_bug.cgi?id=739134

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

Latest bulletins with this vulnerability

Denial of service in Gimp

Heap-based buffer over-read in gimp (Alpine package)