Double free vulnerability in the gdImagePngPtr function in libgd2 before 2.2.5 allows remote attackers to cause a denial of service via vectors related to a palette with no colors.
The product calls free() twice on the same memory address, potentially leading to modification of unexpected memory locations.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Libgd | Libgd | 2.2.4 (including) | 2.2.4 (including) |
Libgd2 | Ubuntu | devel | * |
Libgd2 | Ubuntu | trusty | * |
Libgd2 | Ubuntu | upstream | * |
Libgd2 | Ubuntu | xenial | * |
Libgd2 | Ubuntu | zesty | * |