liblcms2.so is vulnerable to denial of service. The vulnerability exists in the AllocateDataSet function of cmscgats.c because the size of the Data allocation, which is computed by integer multiplication, is not limited. This leads to an attack if a malicious IT8 calibration file is passed as the second argument to cmsIT8LoadFromFile.
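The bug class described above, as an added illustration that is not lcms2 code: an allocation size obtained by multiplying counts parsed from an untrusted file, shown unchecked and then with bounds checks. The function names, the two-count layout and the EXAMPLE_MAX_DIM cap are assumptions made for this example.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

#define EXAMPLE_MAX_DIM 10000L /* assumed cap for this example, not an lcms2 value */

/* Unchecked pattern: the product is computed in 32 bits and can wrap. */
static uint32_t unchecked_bytes(int n_fields, int n_sets)
{
    return ((uint32_t)n_fields + 1u) * ((uint32_t)n_sets + 1u)
           * (uint32_t)sizeof(char *);
}

/* Parse a decimal count from file text; reject junk, negatives, overflow. */
static int parse_count(const char *text, long *out)
{
    char *end;
    errno = 0;
    long v = strtol(text, &end, 10);
    if (errno != 0 || end == text || *end != '\0' || v < 0)
        return -1;
    *out = v;
    return 0;
}

/* Checked pattern: bound each dimension, then verify the product fits. */
static int checked_bytes(const char *fields, const char *sets, size_t *out)
{
    long f, s;
    if (parse_count(fields, &f) != 0 || parse_count(sets, &s) != 0)
        return -1;
    if (f > EXAMPLE_MAX_DIM || s > EXAMPLE_MAX_DIM)
        return -1;
    size_t cells = ((size_t)f + 1) * ((size_t)s + 1);
    if (cells > SIZE_MAX / sizeof(char *))
        return -1;
    *out = cells * sizeof(char *);
    return 0;
}

int main(void)
{
    size_t n = 0;   /* inputs below are constructed for the example */
    int small = checked_bytes("24", "288", &n);
    int huge = checked_bytes("65535", "65535", &n);
    printf("small=%d (%zu bytes) huge=%d unchecked=%u\n", small, n, huge,
           (unsigned)unchecked_bytes(65535, 65535));
    return 0;
}
```

With both counts at 65535 the unchecked product wraps to 0 bytes, so the buffer is far smaller than the table the parser goes on to fill; the checked version rejects the input before any allocation.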
Name | Operator | Version |
---|---|---|
liblcms2.so | eq | 2.0.6 |
openjdk8:3.5 | eq | 8.181.13-r0 |
access.redhat.com/errata/RHSA-2018:3004
github.com/mm2/Little-CMS/commit/768f70ca405cd3159d990e962d54456773bb8cf8
github.com/mm2/Little-CMS/issues/171
lists.debian.org/debian-lts-announce/2018/09/msg00005.html
security.gentoo.org/glsa/202105-18
usn.ubuntu.com/3770-1/
usn.ubuntu.com/3770-2/
www.debian.org/security/2018/dsa-4284