A heap-based buffer overflow in _cairo_image_surface_create_from_jpeg() in extensions/cairo_io/cairo-image-surface-jpeg.c in gThumb and Pix allows attackers to cause a crash and potentially execute arbitrary code via a crafted JPEG file. References and upstream commits: https://gitlab.gnome.org/GNOME/gthumb/commit/4faa5ce2358812d23a1147953ee76f59631590ad https://gitlab.gnome.org/GNOME/gthumb/commit/14860321ce3235d420498c4f81f21003d1fb78f4
Created gthumb tracking bugs for this issue: Affects: epel-7 [bug 1796911] Affects: fedora-all [bug 1796910]
Statement: The vulnerable code was introduced in gthumb 2.13.2. Therefore the versions of gthumb package shipped with Red Hat Enterprise Linux 5 and 6 are not affected by this flaw.