SB2019110121 - Fedora 29 update for gd
Published: November 1, 2019 Updated: April 25, 2025
Security Bulletin ID
SB2019110121
Severity
High
Patch available
YES
Number of vulnerabilities
2
Exploitation vector
Remote access
Highest impact
Code execution
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 2 secuirty vulnerabilities.
1) Double Free (CVE-ID: CVE-2019-6978)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to double free in the gdImage*Ptr() functions in gd_gif_out.c, gd_jpeg.c, and gd_wbmp.c. A remote attacker can trick the victim into opening a specially crafted input, trigger double free error and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
2) Out-of-bounds write (CVE-ID: CVE-2019-6977)
The vulnerability allows a remote attacker to execute arbitrary on the target system.The weakness exists due to out-of-bounds write in imagecolormatch. A remote attacker can write up to 1200 bytes over the boundaries of a buffer allocated in the imagecolormatch function, which then calls gdImageColorMatch() and execute arbitrary code with elevated privileges.
Remediation
Install update from vendor's website.