Lucene search
Ubuntu.comUB:CVE-2022-3857HistoryMar 06, 2023 - 12:00 a.m.
CVE-2022-3857
2023-03-0600:00:00
ubuntu.com
ubuntu.com
21
libpng 1.6.38
segmentation fault
denial of service
png_setup_paeth_row function
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
5.6 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
19.3%
A flaw was found in libpng 1.6.38. A crafted PNG image can lead to a
segmentation fault and denial of service in png_setup_paeth_row() function.
Bugs
- <https://sourceforge.net/p/libpng/bugs/300/>
- <https://bugzilla.redhat.com/show_bug.cgi?id=2142600>
Notes
| Author | Note |
|---|---|
| iconstantin | no upstream fix available as of 2024-07-02 |
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 14.04 | noarch | libpng | < any | UNKNOWN |
| ubuntu | 16.04 | noarch | libpng | < any | UNKNOWN |
| ubuntu | 18.04 | noarch | libpng1.6 | < any | UNKNOWN |
| ubuntu | 20.04 | noarch | libpng1.6 | < any | UNKNOWN |
| ubuntu | 22.04 | noarch | libpng1.6 | < any | UNKNOWN |
| ubuntu | 23.10 | noarch | libpng1.6 | < any | UNKNOWN |
| ubuntu | 24.04 | noarch | libpng1.6 | < any | UNKNOWN |
| ubuntu | 16.04 | noarch | libpng1.6 | < any | UNKNOWN |
Related
osv
osv
CVE-2022-3857
2023-03-06 23:15:11
cbl_mariner
cbl_mariner
CVE-2022-3857 affecting package tensorflow for versions less than 2.16.1-1
2024-04-17 22:02:46
CVE-2022-3857 affecting package qt5-qtbase 5.12.11-7
2024-07-03 03:08:33
CVE-2022-3857 affecting package syslinux 6.04-10
2024-07-03 03:08:37
prion
prion
Design/Logic Flaw
2023-03-06 23:15:00
nvd
nvd
CVE-2022-3857
2023-03-06 23:15:11
nessus
nessus
RHEL 9 : libpng (Unpatched Vulnerability)
2024-06-03 00:00:00
RHEL 7 : libpng (Unpatched Vulnerability)
2024-05-11 00:00:00
RHEL 8 : libpng (Unpatched Vulnerability)
2024-06-03 00:00:00
alpinelinux
alpinelinux
CVE-2022-3857
2023-03-06 23:15:00
cve
cve
CVE-2022-3857
2023-03-06 23:15:11
redhatcve
redhatcve
CVE-2022-3857
2022-11-14 14:56:14
debiancve
debiancve
CVE-2022-3857
1976-01-01 00:00:00
cvelist
cvelist
CVE-2022-3857
2023-03-06 00:00:00
avleonov
avleonov
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
5.6 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
19.3%
Related for UB:CVE-2022-3857