1936571 – gimp: Buffer overflow in plug-ins/flame/libifs.c

Bug 1936571 - gimp: Buffer overflow in plug-ins/flame/libifs.c

Summary: gimp: Buffer overflow in plug-ins/flame/libifs.c

Keywords:
Status:	NEW
Alias:	None
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Nobody
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	2143177 2143178 2143179 2143180
Blocks:	1936572
TreeView+	depends on / blocked

Reported:	2021-03-08 18:36 UTC by Pedro Sampaio
Modified:	2023-07-07 08:35 UTC (History)
CC List:	1 user (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Description Pedro Sampaio 2021-03-08 18:36:29 UTC

A flaw was found in gimp 2.10.22-2. A buffer over flow in plug-ins/flame/libifs.c may lead to corrupted memory via crafted file.

Comment 1 Stefan Cornelius 2022-11-16 09:45:13 UTC

Patches:
https://gitlab.gnome.org/GNOME/gimp/-/commit/b7219d51b150fa10018ccc810824940ea56284f1
https://gitlab.gnome.org/GNOME/gimp/-/commit/5481b110f955213cca2e893f71b275a19f2530f7
https://gitlab.gnome.org/GNOME/gimp/-/commit/b36cc3ab3f0440edc611f35cc16442839526aa09
https://gitlab.gnome.org/GNOME/gimp/-/commit/b3186d72ee559b8ba78900acba134967338bf642

Comment 2 Stefan Cornelius 2022-11-16 09:56:29 UTC

Created gimp tracking bugs for this issue:

Affects: fedora-all [bug 2143179]

Note You need to log in before you can comment on or make changes to this bug.