#VU17708 Use-after-free in libpng


Published: 2019-02-14 | Updated: 2019-04-18

Vulnerability identifier: #VU17708

Vulnerability risk: Low

CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2019-7317

CWE-ID: CWE-416

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
libpng
Universal components / Libraries / Libraries used by multiple products

Vendor: libpng

Description

The vulnerability allows a remote attacker to cause DoS condition.

The vulnerability exists due to a use-after-free memory error in the png_image_free function, as defined in the png.c source code file when calling on png_safe_execute. A remote attacker can send specially crafted data, trigger a call on png_safe_execute and trigger memory corruption, resulting in a DoS condition.

Mitigation
Update to the latest version.

Vulnerable software versions

libpng: 1.6.36

External links
http://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12803
http://github.com/glennrp/libpng/issues/275

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Multiple vulnerabilities in Oracle AutoVue
Multiple vulnerabilities in Dell EMC Secure Remote Services (SRS) Virtual Edition
Denial of service in Foxit Reader for Linux
Multiple vulnerabilities in MySQL Workbench
MiKTeX security update for libpng
OpenSUSE Linux update for java-1_8_0-openjdk
Gentoo update for libpng
OpenSUSE Linux update for MozillaThunderbird
Ubuntu regression update for Firefox (regression update)
OpenSUSE Linux update for MozillaFirefox