VDB

GCVE-110-MAGEIA-2016-140

GCVE-110-MAGEIA-2016-140
Advisory Published
Vulnetix · Advisory published April 13, 2016
Updated imlib2 packages fix security vulnerabilities: An out-of-bounds read caused by an off-by-one error in __imlib_MergeUpdate() in src/lib/updates.c in imlib2 1.4.8 and earlier (CVE-2016-3993). An out-of-bounds read from colormap in the GIF loader in imlib2 1.4.8 and earlier can result in denial of service and potential host memory exposure (CVE-2016-3994). Attempting to draw a 2x1 ellipse with e.g. imlib_image_draw_ellipse(x, y, 2, 1) causes a divide-by-zero in imlib2 1.4.8 and earlier, resulting in a denial of service if an application uses the draw command with untrusted input (CVE-2011-5326).

Affected Products

VendorProductVersionsPlatforms
Mageiaimlib20 (affected), 1.4.8-1.mga5 (unaffected), 0 (affected), 1.4.8-1.mga5 (unaffected)
Mageiadrakx-installer-binaries0 (affected), 2.13.1-1.mga5 (unaffected)
Mageiadrakx-installer-rescue0 (affected), 1.52-5.mga5 (unaffected)
Mageiadrakxtools0 (affected), 16.105.1-1.mga5 (unaffected)
Mageiadrakx-installer-stage20 (affected), 16.105.2-1.mga5 (unaffected)
Mageiadrakx-installer-images0 (affected), 2.26.1-1.mga5 (unaffected), 2.26.1-1.mga5.nonfree (unaffected), 0 (affected)

Browse GCVE Records

73,053 records in the GCVE database · Updated July 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›