Canonical

Ubuntu Linux

4122 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 1.46%
  • Veröffentlicht 20.12.2017 09:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

In GIMP 2.8.22, there is a heap-based buffer over-read in load_image in plug-ins/common/file-gbr.c in the gbr import parser, related to mishandling of UTF-8 data.

  • EPSS 1.15%
  • Veröffentlicht 20.12.2017 09:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

In GIMP 2.8.22, there is a heap-based buffer overflow in the fli_read_brun function in plug-ins/file-fli/fli.c.

Exploit
  • EPSS 2.3%
  • Veröffentlicht 14.12.2017 06:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadXPMImage in coders/xpm.c, which allows attackers to cause a denial of service via a crafted xpm image file.

Exploit
  • EPSS 2.98%
  • Veröffentlicht 14.12.2017 06:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

In ImageMagick 7.0.7-12 Q16, an infinite loop vulnerability was found in the function ReadPSDChannelZip in coders/psd.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted psd image file.

Exploit
  • EPSS 2.98%
  • Veröffentlicht 14.12.2017 06:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

In ImageMagick 7.0.7-12 Q16, a large loop vulnerability was found in the function ExtractPostscript in coders/wpg.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted wpg image file that triggers a ReadWPGImage call.

Exploit
  • EPSS 1.6%
  • Veröffentlicht 13.12.2017 22:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

There is a heap-based buffer over-read in the Exiv2::Internal::PngChunk::keyTXTChunk function of pngchunk_int.cpp in Exiv2 0.26. A crafted PNG file will lead to a remote denial of service attack.

  • EPSS 1.22%
  • Veröffentlicht 11.12.2017 21:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

The Linux Kernel 2.6.32 and later are affected by a denial of service, by flooding the diagnostic port 0x80 an exception can be triggered leading to a kernel panic.

  • EPSS 3.31%
  • Veröffentlicht 11.12.2017 02:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

ImageMagick before 6.9.9-24 and 7.x before 7.0.7-12 has a use-after-free in Magick::Image::read in Magick++/lib/Image.cpp.

Exploit
  • EPSS 1.61%
  • Veröffentlicht 11.12.2017 02:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

ImageMagick before 7.0.7-12 has a coders/png.c Magick_png_read_raw_profile heap-based buffer over-read via a crafted file, related to ReadOneMNGImage.

  • EPSS 5.14%
  • Veröffentlicht 08.12.2017 19:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

In OpenJPEG 2.3.0, a stack-based buffer overflow was discovered in the pgxtovolume function in jp3d/convert.c. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service or possibly remote code execution.