CVE-2022-48622

2024-01-2600:00:00

ubuntu.com

gnome gdkpixbuf

ani decoder

heap memory corruption

denial of service

code execution attack

gdk_pixbuf_set_option

ani loader

ubuntu packages

deferred

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

0.001 Low

EPSS

Percentile

24.9%

JSON

In GNOME GdkPixbuf (aka gdk-pixbuf) through 2.42.10, the ANI (Windows
animated cursor) decoder encounters heap memory corruption (in
ani_load_chunk in io-ani.c) when parsing chunks in a crafted .ani file. A
crafted file could allow an attacker to overwrite heap metadata, leading to
a denial of service or code execution attack. This occurs in
gdk_pixbuf_set_option() in gdk-pixbuf.c.

Bugs

<https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/issues/202>

Notes

Author	Note
mdeslaur	Ubuntu packages do have the ANI loader enabled.

OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchgdk-pixbuf< 2.36.11-2ubuntu0.1~esm1UNKNOWN
ubuntu20.04noarchgdk-pixbuf< 2.40.0+dfsg-3ubuntu0.5UNKNOWN
ubuntu22.04noarchgdk-pixbuf< 2.42.8+dfsg-1ubuntu0.3UNKNOWN
ubuntu23.10noarchgdk-pixbuf< 2.42.10+dfsg-1ubuntu0.1UNKNOWN
ubuntu24.04noarchgdk-pixbuf< 2.42.10+dfsg-3ubuntu3.1UNKNOWN
ubuntu16.04noarchgdk-pixbuf< 2.32.2-1ubuntu1.6+esm1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	18.04	noarch	gdk-pixbuf	< 2.36.11-2ubuntu0.1~esm1	UNKNOWN
ubuntu	20.04	noarch	gdk-pixbuf	< 2.40.0+dfsg-3ubuntu0.5	UNKNOWN
ubuntu	22.04	noarch	gdk-pixbuf	< 2.42.8+dfsg-1ubuntu0.3	UNKNOWN
ubuntu	23.10	noarch	gdk-pixbuf	< 2.42.10+dfsg-1ubuntu0.1	UNKNOWN
ubuntu	24.04	noarch	gdk-pixbuf	< 2.42.10+dfsg-3ubuntu3.1	UNKNOWN
ubuntu	16.04	noarch	gdk-pixbuf	< 2.32.2-1ubuntu1.6+esm1	UNKNOWN