Lucene search
UbuntuUSN-3389-1HistoryAug 14, 2017 - 12:00 a.m.
GD vulnerability
2017-08-1400:00:00
ubuntu.com
38
Releases
- Ubuntu 17.04
- Ubuntu 16.04 ESM
- Ubuntu 14.04 ESM
Packages
- libgd2 - GD Graphics Library
Details
A vulnerability was discovered in GD Graphics Library (aka libgd),
as used in PHP that does not zero colorMap arrays before use.
A specially crafted GIF image could use the uninitialized tables to
read bytes from the top of the stack.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 17.04 | noarch | libgd-tools | < 2.2.4-2ubuntu0.2 | UNKNOWN |
| Ubuntu | 17.04 | noarch | libgd-dev | < 2.2.4-2ubuntu0.2 | UNKNOWN |
| Ubuntu | 17.04 | noarch | libgd-tools-dbgsym | < 2.2.4-2ubuntu0.2 | UNKNOWN |
| Ubuntu | 17.04 | noarch | libgd3 | < 2.2.4-2ubuntu0.2 | UNKNOWN |
| Ubuntu | 17.04 | noarch | libgd3-dbgsym | < 2.2.4-2ubuntu0.2 | UNKNOWN |
| Ubuntu | 16.04 | noarch | libgd-tools | < 2.1.1-4ubuntu0.16.04.7 | UNKNOWN |
| Ubuntu | 16.04 | noarch | libgd-dbg | < 2.1.1-4ubuntu0.16.04.7 | UNKNOWN |
| Ubuntu | 16.04 | noarch | libgd-dev | < 2.1.1-4ubuntu0.16.04.7 | UNKNOWN |
| Ubuntu | 16.04 | noarch | libgd-dev-dbgsym | < 2.1.1-4ubuntu0.16.04.7 | UNKNOWN |
| Ubuntu | 16.04 | noarch | libgd-tools-dbgsym | < 2.1.1-4ubuntu0.16.04.7 | UNKNOWN |
References
Related
checkpoint_advisories
checkpoint_advisories
PHP gdImageCreateFromGifCtx Out of Bounds Read (CVE-2017-7890)
2017-08-10 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-3389-1)
2018-10-26 00:00:00
Huawei EulerOS: Security Advisory for php (EulerOS-SA-2018-1249)
2020-01-23 00:00:00
Debian: Security Advisory (DSA-3938-1)
2017-08-11 00:00:00
debiancve
debiancve
CVE-2017-7890
2017-08-02 19:29:00
oraclelinux
oraclelinux
php security update
2018-03-07 00:00:00
debian
debian
[SECURITY] [DSA 3938-1] libgd2 security update
2017-08-12 12:37:19
[SECURITY] [DSA 3938-1] libgd2 security update
2017-08-12 12:37:36
[SECURITY] [DLA 1055-1] libgd2 security update
2017-08-12 21:40:36
cvelist
cvelist
CVE-2017-7890
2017-08-02 19:00:00
nessus
nessus
EulerOS Virtualization 2.5.0 : php (EulerOS-SA-2018-1249)
2018-09-18 00:00:00
Debian DLA-1055-1 : libgd2 security update
2017-08-14 00:00:00
Debian DSA-3938-1 : libgd2 - security update
2017-08-14 00:00:00
ubuntucve
ubuntucve
CVE-2017-7890
2017-08-02 00:00:00
ubuntu
ubuntu
GD vulnerability
2017-08-14 00:00:00
centos
centos
php security update
2018-03-10 01:07:54
veracode
veracode
Information Disclosure
2019-05-16 02:59:59
Use After Free
2019-05-16 02:59:58
osv
osv
libgd2 - security update
2017-08-12 00:00:00
libgd2 - security update
2017-08-12 00:00:00
CVE-2017-7890
2017-08-02 19:29:00
cve
cve
CVE-2017-7890
2017-08-02 19:29:00
freebsd
freebsd
php-gd and gd -- Buffer over-read into uninitialized memory
2017-08-02 00:00:00
alpinelinux
alpinelinux
CVE-2017-7890
2017-08-02 19:29:00
ibm
ibm
Security Bulletin: A vulnerability in PHP affects PowerKVM
2018-06-18 01:42:20
redhatcve
redhatcve
CVE-2017-7890
2017-07-21 19:18:29
prion
prion
Information disclosure
2017-08-02 19:29:00
redhat
redhat
(RHSA-2018:0406) Moderate: php security update
2018-03-06 18:36:35
f5
f5
PHP vulnerabilities CVE-2017-9226 and CVE-2017-7890
2017-08-08 00:03:00
K01709026 : PHP vulnerabilities CVE-2017-7890 and CVE-2017-9226
2017-08-07 00:00:00
fedora
fedora
[SECURITY] Fedora 25 Update: gd-2.2.5-1.fc25
2017-09-06 20:52:42
[SECURITY] Fedora 26 Update: gd-2.2.5-1.fc26
2017-09-02 22:27:10
[SECURITY] Fedora 27 Update: gd-2.2.5-1.fc27
2017-09-30 07:21:04
slackware
slackware
[slackware-security] gd
2018-04-19 01:44:39
mageia
mageia
Updated php and libgd packages fix security vulnerabilities
2017-08-08 01:16:24
amazon
amazon
Medium: php70
2017-08-03 20:38:00
suse
suse
Security update for php7 (important)
2017-08-30 19:30:52
Security update for php7 (important)
2017-09-04 12:07:53
cloudlinux
cloudlinux
Fix of 227 CVE
2020-10-15 12:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1950
2021-07-02 17:57:45