CVE-2015-8540

NameCVE-2015-8540
DescriptionInteger underflow in the png_check_keyword function in pngwutil.c in libpng 0.90 through 0.99, 1.0.x before 1.0.66, 1.1.x and 1.2.x before 1.2.56, 1.3.x and 1.4.x before 1.4.19, and 1.5.x before 1.5.26 allows remote attackers to have unspecified impact via a space character as a keyword in a PNG image, which triggers an out-of-bounds read.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
ReferencesDLA-375-1, DSA-3443-1
NVD severityhigh
Debian Bugs807694

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
libpngsourcesqueeze1.2.44-1+squeeze6DLA-375-1
libpngsourcewheezy1.2.49-1+deb7u2DSA-3443-1
libpngsourcejessie1.2.50-2+deb8u2DSA-3443-1
libpngsource(unstable)(unfixed)807694

Notes

https://www.openwall.com/lists/oss-security/2015/12/10/6
https://sourceforge.net/p/libpng/bugs/244/
http://sourceforge.net/p/libpng/code/ci/d9006f683c641793252d92254a75ae9b815b42ed/
Fixed in 1.0.66, 1.2.56, 1.4.19, and 1.5.26

Search for package or bug name: Reporting problems