An out-of-bounds write has been found in libXpm, which can be exploited by an attacker through maliciously crafted XPM files.
The affected code is prone to two 32-bit integer overflows while parsing extensions: the number of extensions and their concatenated length.
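
Added example, not libXpm's own code: a simplified model of the two totals named above, summed once with 32-bit accumulators that wrap and once with an overflow check. The struct layout, function names, sample values and the one extra line counted per extension are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed stand-in for one parsed extension; not libXpm's own type. */
struct ext_info { uint32_t nlines; uint32_t nbytes; };
struct totals   { int ok; uint32_t lines; uint32_t bytes; };

/* Constructed inputs: one ordinary, one whose sums exceed 2^32. */
static const struct ext_info ORDINARY[] = { {2, 10}, {1, 5} };
static const struct ext_info OVERSIZED[] = {
    {0x7fffffffu, 0x80000000u}, {0x7fffffffu, 0x80000010u} };

/* 32-bit accumulators: both sums silently wrap modulo 2^32. */
static struct totals totals_unchecked(const struct ext_info *e, size_t n)
{
    struct totals t = { 1, 0, 0 };
    for (size_t i = 0; i < n; i++) {
        t.lines += e[i].nlines + 1;   /* assumed: +1 for the name line */
        t.bytes += e[i].nbytes;
    }
    return t;
}

/* 64-bit accumulators, rejected once either total no longer fits 32 bits. */
static struct totals totals_checked(const struct ext_info *e, size_t n)
{
    struct totals t = { 0, 0, 0 };
    uint64_t lines = 0, bytes = 0;
    for (size_t i = 0; i < n; i++) {
        lines += (uint64_t)e[i].nlines + 1;
        bytes += e[i].nbytes;
        if (lines > UINT32_MAX || bytes > UINT32_MAX)
            return t;                 /* ok == 0: caller must not allocate */
    }
    t.ok = 1; t.lines = (uint32_t)lines; t.bytes = (uint32_t)bytes;
    return t;
}

int main(void)
{
    struct totals u = totals_unchecked(OVERSIZED, 2);
    struct totals c = totals_checked(OVERSIZED, 2);
    printf("unchecked: lines=%u bytes=%u\n", (unsigned)u.lines, (unsigned)u.bytes);
    printf("checked:   ok=%d\n", c.ok);
    return c.ok ? 1 : 0;
}
```

A buffer sized from the wrapped totals is far smaller than the data later copied into it, which is how the overflow turns into an out-of-bounds write.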
Created libXpm tracking bugs for this issue:
Affects: fedora-24 [bug 1416442]
This issue has been addressed in the following products:
Red Hat Enterprise Linux 7
Via RHSA-2017:1865 https://access.redhat.com/errata/RHSA-2017:1865