12 matches found
DEBIAN-CVE-2026-40492
SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit 36aa5c7ec8a2bb35f6fb867a1177a6f141156b02, the XWD codec resolves pixel format based on pixmapdepth but the byte-swap code uses bitsperpixel independently. When...
CVE-2026-40492
SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit 36aa5c7ec8a2bb35f6fb867a1177a6f141156b02, the XWD codec resolves pixel format based on pixmapdepth but the byte-swap code uses bitsperpixel independently. When...
CVE-2026-40492
SAIL’s CVE-2026-40492 describes a heap buffer overflow in the XWD decoder caused by a mismatch: when pixmap_depth=8, the code uses bits_per_pixel=32 for byte-swapping, leading to memory access beyond the 1-byte/pixel buffer. The issue affects versions prior to the patch 36aa5c7ec8a2bb35f6fb867a11...
CVE-2026-40492
SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit 36aa5c7ec8a2bb35f6fb867a1177a6f141156b02, the XWD codec resolves pixel format based on pixmapdepth but the byte-swap code uses bitsperpixel independently. When...
CVE-2026-40492 SAIL has heap buffer overflow in XWD decoder — bits_per_pixel vs pixmap_depth type confusion in byte-swap
SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit 36aa5c7ec8a2bb35f6fb867a1177a6f141156b02, the XWD codec resolves pixel format based on pixmapdepth but the byte-swap code uses bitsperpixel independently. When...
EUVD-2026-23644
SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit 36aa5c7ec8a2bb35f6fb867a1177a6f141156b02, the XWD codec resolves pixel format based on pixmapdepth but the byte-swap code uses bitsperpixel independently. When...
CVE-2026-40492
SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit 36aa5c7ec8a2bb35f6fb867a1177a6f141156b02, the XWD codec resolves pixel format based on pixmapdepth but the byte-swap code uses bitsperpixel independently. When...
Linux Distros Unpatched Vulnerability : CVE-2026-40492
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit...
PT-2026-33585
Name of the Vulnerable Software and Affected Versions SAIL versions prior to commit 36aa5c7ec8a2bb35f6fb867a1177a6f141156b02 Description The XWD codec resolves pixel format based on the pixmap depth variable, but the byte-swap code independently uses bits per pixel. When pixmap depth is 8 BPP8...
CVE-2023-52750 arm64: Restrict CPU_BIG_ENDIAN to GNU as or LLVM IAS 15.x or newer
In the Linux kernel, the following vulnerability has been resolved: arm64: Restrict CPUBIGENDIAN to GNU as or LLVM IAS 15.x or newer Prior to LLVM 15.0.0, LLVM's integrated assembler would incorrectly byte-swap NOP when compiling for big-endian, and the resulting series of bytes happened to match...
SUSE CVE-2018-10780
Exiv2::Image::byteSwap2 in image.cpp in Exiv2 0.26 has a heap-based buffer over-read...
MOAB-11-01-2007: Apple DMG UFS byte_swap_sbin() Integer Overflow Vulnerability
Summary The byteswapsbin function, one of the UFS byte swapping routines this code isn't present in FreeBSD and it's Mac OS X XNU-specific; used for compatibility of filesystem streams between little and big-endian systems is affected by a integer overflow vulnerability, leading to an exploitable...