Memory leak in the embedded_profile_len function in pngwutil.c in libpng before 1.2.39beta5 allows context-dependent attackers to cause a denial of service (memory leak or segmentation fault) via a JPEG image containing an iCCP chunk with a negative embedded profile length. NOTE: this is due to an incomplete fix for CVE-2006-7244.
The product does not sufficiently track and release allocated memory after it has been used, which slowly consumes remaining memory.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Libpng | Libpng | * | 1.2.38 (including) |
Libpng | Libpng | 1.2.39 (including) | 1.2.39 (including) |
Libpng | Libpng | 1.2.39-beta1 (including) | 1.2.39-beta1 (including) |
Libpng | Libpng | 1.2.39-beta2 (including) | 1.2.39-beta2 (including) |
Libpng | Libpng | 1.2.39-beta3 (including) | 1.2.39-beta3 (including) |
Libpng | Libpng | 1.2.39-beta4 (including) | 1.2.39-beta4 (including) |
Libpng | Ubuntu | hardy | * |
Libpng | Ubuntu | upstream | * |