Candidate: CVE-2019-13568
PublicDate: 2019-07-31 15:15:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13568
Description:
 CImg through 2.6.7 has a heap-based buffer overflow in _load_bmp in CImg.h
 because of erroneous memory allocation for a malformed BMP image.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H [8.8 HIGH]


Patches_cimg:
 upstream: https://github.com/dtschump/CImg/commit/ac8003393569aba51048c9d67e1491559877b1d1
upstream_cimg: needs-triage
precise/esm_cimg: DNE
trusty_cimg: ignored (out of standard support)
trusty/esm_cimg: DNE
xenial_cimg: not-affected (code not present)
bionic_cimg: needed
disco_cimg: ignored (reached end-of-life)
eoan_cimg: ignored (reached end-of-life)
focal_cimg: needed
groovy_cimg: not-affected (2.8.4+dfsg-1)
hirsute_cimg: not-affected (2.8.4+dfsg-1)
impish_cimg: not-affected (2.8.4+dfsg-1)
jammy_cimg: not-affected (2.8.4+dfsg-1)
devel_cimg: not-affected (2.8.4+dfsg-1)