A vulnerability was found in icoutils in extract.c. It is possible to access unallocated memory via wrestool while parsing a maliciously crafted file, which would make the application crash or possibly allow code execution.
Created icoutils tracking bugs for this issue:
Affects: fedora-all [bug 1412265]
Affects: epel-6 [bug 1412266]
This is essentially the same as CVE-2017-5333 (bug 1412259), but only considers the OOB read aspect.
This issue has been addressed in the following products:
Red Hat Enterprise Linux 7
Via RHSA-2017:0837 https://rhn.redhat.com/errata/RHSA-2017-0837.html