GDK-Pixbuf BMP Image Processing Double Free Remote Denial of Service Vulnerability

GDK-Pixbuf BMP Image Processing Double Free Remote Denial of Service Vulnerability

The gdk-pixbuf library is reported prone to a denial-of-service vulnerability. This issue arises due to a double-free condition.

Reportedly, this vulnerability presents itself when an application that is linked against the library handles malformed bitmap (.bmp) image files.

A successful attack may result in a denial-of-service condition. It is not confirmed whether this vulnerability could be leveraged to execute arbitrary code.

The gdk-pixbuf 0.22.0 and gtk2 2.4.14 packages are known to be vulnerable to this issue. Other versions are likely affected as well.

This BID will be updated when more information becomes available.