PT-2022-6943 · Fig2Dev · Fig2Dev
Hungchun Chiu · Published 2022-01-12 · Updated 2022-01-28 · CVE-2021-37529
CVSS v3.1: 5.5 (Medium)
Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions
fig2dev versions 3.28a and earlier
Description
A double-free vulnerability exists in the free_stream function in readpics.c, which could cause a denial of service. This issue is context-dependent and may allow an attacker to disrupt service.
Recommendations
For versions 3.28a and earlier, consider disabling the free_stream function in readpics.c as a temporary workaround until a patch is available. Restrict access to the readpics.c module to minimize the risk of exploitation.
Exploit
Fix
Double Free
Weakness Enumeration
Related Identifiers
Affected Products
Fig2Dev