Bug 2142600 (CVE-2022-3857) - CVE-2022-3857 libpng: Null pointer dereference leads to segmentation fault
Summary: CVE-2022-3857 libpng: Null pointer dereference leads to segmentation fault
Keywords:
Status: NEW
Alias: CVE-2022-3857
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: low
Severity: low
Target Milestone: ---
Assignee: Nobody
QA Contact:
URL:
Whiteboard:
Depends On: 2142605 2142604 2142614 2142615 2142616 2143292 2143293 2143294 2143295 2143296 2143297 2143298 2143299 2143300
Blocks: 2140004 2150761
 
Reported: 2022-11-14 14:50 UTC by Marco Benatto
Modified: 2024-08-19 22:22 UTC


Description Marco Benatto 2022-11-14 14:50:47 UTC
A crafted PNG image can lead to a segmentation fault and DoS in the png_setup_paeth_row() function.

Comment 1 Marco Benatto 2022-11-14 15:01:17 UTC
Created java-latest-openjdk tracking bugs for this issue:

Affects: epel-8 [bug 2142605]


Created libpng tracking bugs for this issue:

Affects: fedora-all [bug 2142604]

Comment 5 Marco Benatto 2022-11-28 14:31:55 UTC
Recent updates on the upstream bug show this CVE may be compiler related:
https://sourceforge.net/p/libpng/bugs/300/

Comment 8 Mark Esler 2024-08-19 22:16:17 UTC
I have asked the libpng maintainers and issue reporter to clarify if they believe this issue warrants a CVE:
https://sourceforge.net/p/libpng/bugs/300/#49ea

Comment 9 Mark Esler 2024-08-19 22:22:12 UTC
I'm curious about that status change `Assignee: security-response-team → nobody`

Does the CNA or Root email contact [0] track issues that Red Hat assigns CVEs to?

[0] https://www.cve.org/PartnerInformation/ListofPartners/partner/redhat

