Lucene search
Ubuntu.comUB:CVE-2020-29385HistoryDec 08, 2020 - 12:00 a.m.
CVE-2020-29385
2020-12-0800:00:00
ubuntu.com
ubuntu.com
13
0.002 Low
EPSS
Percentile
55.5%
GNOME gdk-pixbuf (aka GdkPixbuf) before 2.42.2 allows a denial of service
(infinite loop) in lzw.c in the function write_indexes. if c->self_code
equals 10, self->code_table[10].extends will assign the value 11 to c. The
next execution in the loop will assign self->code_table[11].extends to c,
which will give the value of 10. This will make the loop run infinitely.
This bug can, for example, be triggered by calling this function with a GIF
image with LZW compression that is crafted in a special way.
Bugs
Notes
| Author | Note |
|---|---|
| mdeslaur | per upstream bug, gdk-pixbuf < 2.39.2 is not vulnerable |
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 20.04 | noarch | gdk-pixbuf | < 2.40.0+dfsg-3ubuntu0.1 | UNKNOWN |
| ubuntu | 20.10 | noarch | gdk-pixbuf | < 2.40.0+dfsg-5ubuntu0.1 | UNKNOWN |
Related
osv
osv
CVE-2020-29385
2020-12-26 02:15:12
gdk-pixbuf vulnerability
2020-12-08 15:32:20
veracode
veracode
Denial Of Service (DoS)
2021-04-29 12:19:44
debiancve
debiancve
CVE-2020-29385
2020-12-26 02:15:12
redhatcve
redhatcve
CVE-2020-29385
2021-02-10 12:03:54
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2021:0184-1)
2021-06-09 00:00:00
openSUSE: Security Advisory for gdk-pixbuf (openSUSE-SU-2021:0150-1)
2021-04-16 00:00:00
Ubuntu: Security Advisory (USN-4663-1)
2020-12-09 00:00:00
archlinux
archlinux
[ASA-202012-20] lib32-gdk-pixbuf2: denial of service
2020-12-09 00:00:00
[ASA-202012-19] gdk-pixbuf2: denial of service
2020-12-09 00:00:00
nessus
nessus
GLSA-202012-15 : GDK-PixBuf: Denial of service
2020-12-24 00:00:00
Ubuntu 20.04 LTS : GDK-PixBuf vulnerability (USN-4663-1)
2020-12-09 00:00:00
SUSE SLED15 / SLES15 Security Update : gdk-pixbuf (SUSE-SU-2021:0184-1)
2021-01-22 00:00:00
cvelist
cvelist
CVE-2020-29385
2020-12-26 02:01:49
cve
cve
CVE-2020-29385
2020-12-26 02:15:12
prion
prion
Code injection
2020-12-26 02:15:00
ubuntu
ubuntu
GDK-PixBuf vulnerability
2020-12-08 00:00:00
suse
suse
Security update for gdk-pixbuf (moderate)
2021-01-24 00:00:00
alpinelinux
alpinelinux
CVE-2020-29385
2020-12-26 02:15:12
gentoo
gentoo
GDK-PixBuf: Denial of service
2020-12-23 00:00:00
redos
redos
ROS-20240408-09
2024-04-08 00:00:00
photon
photon
Moderate Photon OS Security Update - PHSA-2023-5.0-0141
2023-11-14 00:00:00
Important Photon OS Security Update - PHSA-2023-4.0-0506
2023-11-05 00:00:00
fedora
fedora
[SECURITY] Fedora 33 Update: gdk-pixbuf2-2.42.2-2.fc33
2021-02-23 00:25:49
[SECURITY] Fedora 33 Update: mingw-gdk-pixbuf-2.42.2-1.fc33
2021-03-15 01:20:00
[SECURITY] Fedora 34 Update: mingw-gdk-pixbuf-2.42.2-1.fc34
2021-03-19 20:28:40
nvd
nvd
NVD:CVE-2020-29385
2020-12-26 02:15:12