FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

libpng buffer overflow in png_set_PLTE

Affected packages
png < 1.6.20

Details

VuXML ID 1886e195-8b87-11e5-90e7-b499baebfeaf
Discovery 2015-11-15
Entry 2015-11-15
Modified 2015-12-08

libpng reports:

CVE for a vulnerability in libpng, all versions, in the png_set_PLTE/png_get_PLTE functions. These functions failed to check for an out-of-range palette when reading or writing PNG files with a bit_depth less than 8. Some applications might read the bit depth from the IHDR chunk and allocate memory for a 2^N entry palette, while libpng can return a palette with up to 256 entries even when the bit depth is less than 8.

References

CVE Name CVE-2015-8126
CVE Name CVE-2015-8472
URL http://www.openwall.com/lists/oss-security/2015/11/12/2
URL http://www.openwall.com/lists/oss-security/2015/12/03/6