CVE Vulnerabilities

CVE-2018-11213

Published: May 16, 2018 | Modified: Nov 21, 2024
CVSS 3.x
6.5
MEDIUM
Source:
NVD
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVSS 2.x
4.3 MEDIUM
AV:N/AC:M/Au:N/C:N/I:N/A:P
RedHat/V2
RedHat/V3
5.3 LOW
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Ubuntu
LOW
root.io logo minimus.io logo echo.ai logo

An issue was discovered in libjpeg 9a. The get_text_gray_row function in rdppm.c allows remote attackers to cause a denial of service (Segmentation fault) via a crafted file.

Affected Software

NameVendorStart VersionEnd Version
LibjpegIjg9a (including)9a (including)
Red Hat Enterprise Linux 7RedHatlibjpeg-turbo-0:1.2.90-8.el7*
Libjpeg-turboUbuntuesm-infra-legacy/trusty*
Libjpeg-turboUbuntutrusty*
Libjpeg-turboUbuntutrusty/esm*
Libjpeg-turboUbuntuupstream*
Libjpeg6bUbuntuartful*
Libjpeg6bUbuntubionic*
Libjpeg6bUbuntucosmic*
Libjpeg6bUbuntudevel*
Libjpeg6bUbuntudisco*
Libjpeg6bUbuntueoan*
Libjpeg6bUbuntuesm-apps/bionic*
Libjpeg6bUbuntuesm-apps/focal*
Libjpeg6bUbuntuesm-apps/jammy*
Libjpeg6bUbuntuesm-apps/noble*
Libjpeg6bUbuntuesm-apps/xenial*
Libjpeg6bUbuntuesm-infra-legacy/trusty*
Libjpeg6bUbuntufocal*
Libjpeg6bUbuntugroovy*
Libjpeg6bUbuntuhirsute*
Libjpeg6bUbuntuimpish*
Libjpeg6bUbuntujammy*
Libjpeg6bUbuntukinetic*
Libjpeg6bUbuntulunar*
Libjpeg6bUbuntumantic*
Libjpeg6bUbuntunoble*
Libjpeg6bUbuntuoracular*
Libjpeg6bUbuntuplucky*
Libjpeg6bUbuntuquesting*
Libjpeg6bUbuntutrusty*
Libjpeg6bUbuntutrusty/esm*
Libjpeg6bUbuntuupstream*
Libjpeg6bUbuntuxenial*
Libjpeg9Ubuntuartful*
Libjpeg9Ubuntubionic*
Libjpeg9Ubuntucosmic*
Libjpeg9Ubuntuesm-apps/bionic*
Libjpeg9Ubuntuesm-apps/xenial*
Libjpeg9Ubuntuupstream*
Libjpeg9Ubuntuxenial*

References