CVE-2021-38115

CVSS v2.0

7.1

High

Vector

AV:N/AC:M/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions LibGD versions through 2.3.2

Description The issue is related to the read header tga function in the gd tga.c component of the LibGD graphics library. It involves reading beyond the valid boundaries of a data buffer. This can be exploited by a remote attacker using a specially crafted TGA file to cause a denial of service due to an out-of-bounds read.

Recommendations For versions through 2.3.2, consider updating to a version that fixes this issue, as no specific workaround is provided for these versions. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125

Related Identifiers

AZL-6431

BDU:2022-05785

CVE-2021-38115

DLA-3781-1

DLA-4411-1

MGASA-2021-0433

OESA-2021-1315

USN-5068-1

Affected Products

Astra Linux

Debian

Libgd

Linuxmint

Ubuntu

CVE-2021-38115

Weakness Enumeration

Related Identifiers

Affected Products

References · 32