[Bug 1079102] New: VUL-0: CVE-2017-18120: gifsicle: double-free bug in the read_gif function in gifread.c
![](https://seccdn.libravatar.org/avatar/3035b38ff33cf86f480bb169b8500b80.jpg?s=120&d=mm&r=g)
http://bugzilla.opensuse.org/show_bug.cgi?id=1079102 Bug ID: 1079102 Summary: VUL-0: CVE-2017-18120: gifsicle: double-free bug in the read_gif function in gifread.c Classification: openSUSE Product: openSUSE Distribution Version: Leap 42.3 Hardware: Other URL: https://smash.suse.de/issue/199369/ OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Security Assignee: manfred99@gmx.ch Reporter: abergmann@suse.com QA Contact: security-team@suse.de Found By: Security Response Team Blocker: --- CVE-2017-18120 A double-free bug in the read_gif function in gifread.c in gifsicle 1.90 allows a remote attacker to cause a denial-of-service attack or unspecified other impact via a maliciously crafted file, because last_name is mishandled, a different vulnerability than CVE-2017-1000421. References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-18120 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=881120 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=878739 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18120 https://github.com/kohler/gifsicle/issues/117 https://github.com/kohler/gifsicle/commit/118a46090c50829dc543179019e6140e12... -- You are receiving this mail because: You are on the CC list for the bug.
![](https://seccdn.libravatar.org/avatar/3035b38ff33cf86f480bb169b8500b80.jpg?s=120&d=mm&r=g)
http://bugzilla.opensuse.org/show_bug.cgi?id=1079102
http://bugzilla.opensuse.org/show_bug.cgi?id=1079102#c1
Manfred Schwarb
participants (1)
-
bugzilla_noreply@novell.com