GNOME GdkPixbuf (aka GDK-PixBuf) prior to 2.42.8 allows a heap-based buffer overflow when compositing or clearing frames in GIF files, as demonstrated by io-gif-animation.c composite_frame. This overflow is controllable and could be abused for code execution, especially on 32-bit systems.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
gnome gdk-pixbuf |
||
fedoraproject fedora 35 |
||
debian debian linux 11.0 |