Cloud Foundry Logo
blog single gear
Blog
Security Advisory

USN-2722-1 GDK-PixBuf Vulnerabilities

by: October 7, 2015

USN-2722-1 GDK-PixBuf Vulnerabilities

Severity

Medium

Vendor

Canonical Ubuntu

Versions Affected

  • libgdk-pixbuf2.0-0 2.30.7-0ubuntu1.1

Description

It was discovered that GDK-PixBuf incorrectly handled scaling bitmap images. If a user or automated system were tricked into opening a BMP image file, a remote attacker could use this flaw to cause GDK-PixBuf to crash, resulting in a denial of service, or possibly execute arbitrary code.

Affected Products and Versions

Severity is medium unless otherwise noted.

  • Cloud Foundry Runtime: all versions of cf-release prior to 214 are vulnerable to the aforementioned CVEs.

Mitigation

Users of affected versions should apply the following mitigation:

  • The Cloud Foundry project recommends that Cloud Foundry Deployments using cf-release 214 or lower upgrade to 215 or higher to resolve the aforementioned CVEs.

Credit

Gustavo Grieco

References

Cloud Foundry Foundation Security Team Profile Image

Cloud Foundry Foundation Security Team, AUTHOR

SEE ALL ARTICLES

You Might Also Like

USN-3099-2 Linux kernel vulnerabilities
Security Advisory

USN-3099-2 Linux kernel vulnerabilities

by Cloud Foundry Foundation Security Team October 1, 2016
USN-3424-1: libxml2 vulnerabilities
Security Advisory

USN-3424-1: libxml2 vulnerabilities

by Cloud Foundry Foundation Security Team November 1, 2017
USN-3569-1: libvorbis vulnerabilities
Security Advisory

USN-3569-1: libvorbis vulnerabilities

by Cloud Foundry Foundation Security Team May 2, 2018
This website uses cookies to offer you a better browsing experience. Find out more about how we use cookies and how you can change your settings. Accept