CVE-2014-9771 in Ubuntu

CVE-2014-9771

Priority

Description

Integer overflow in imlib2 before 1.4.7 allows remote attackers to cause a
denial of service (memory consumption or application crash) via a crafted
image, which triggers an invalid read operation.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9771
http://www.openwall.com/lists/oss-security/2016/04/09/3
https://ubuntu.com/security/notices/USN-3075-1

Bugs

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=820206
https://bugzilla.redhat.com/show_bug.cgi?id=1324774

Notes

Package

Source: imlib2 (LP Ubuntu Debian)

Upstream:	released (1.4.7-1)
Ubuntu 14.04 ESM:	released (1.4.6-2ubuntu0.1)
Ubuntu 20.04 FIPS Compliant:	not-affected

Patches:

Upstream:

https://git.enlightenment.org/legacy/imlib2.git/commit/?id=143f2993d7ccb73b26bb83abac6fa86f443981f9

More Information

Mitre
NVD
Launchpad
Debian

Updated: 2022-04-13 12:03:15 UTC (commit f411bd370d482ef4385c4e751d121a4055fbc009)