PT-2018-10215 · Free Lossless Image Format+1 · Flif+1

Enchantedjohn

Published

2018-05-10

Updated

2024-06-25

CVE-2018-10971

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Free Lossless Image Format (FLIF) version 0.3

Description An issue in the Plane function in image/image.hpp allows remote attackers to cause a denial of service through attempted excessive memory allocation via a crafted file.

Recommendations For Free Lossless Image Format (FLIF) version 0.3, consider avoiding the use of the Plane function in image/image.hpp until a patch is available. As a temporary workaround, restrict the processing of crafted files to minimize the risk of exploitation.

Fix

DoS

Allocation of Resources Without Limits

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-770

Related Identifiers

ALT-PU-2024-4694

ALT-PU-2024-4724

ALT-PU-2024-4911

ALT-PU-2024-8952

CVE-2018-10971

Affected Products

Alt Linux

Flif

PT-2018-10215 · Free Lossless Image Format+1 · Flif+1

CVE-2018-10971

Weakness Enumeration

Related Identifiers

Affected Products

References · 19