VDB
GCVE-110-MAGEIA-2018-16
GCVE-110-MAGEIA-2018-16
Advisory Published
JPEG gdk_pixbuf__jpeg_image_load_increment Code Execution Vulnerability
(CVE-2017-2862).
tiff_image_parse Code Execution Vulnerability (CVE-2017-2870).
Ariel Zelivansky discovered that the GDK-PixBuf library did not properly
handle printing certain error messages. If an user or automated system were
tricked into opening a specially crafted image file, a remote attacker
could use this flaw to cause GDK-PixBuf to crash, resulting in a denial of
service (CVE-2017-6311).
Out-of-bounds read on io-ico.c (CVE-2017-6312).
A dangerous integer underflow in io-icns.c (CVE-2017-6313).
Infinite loop in io-tiff.c (CVE-2017-6314).
Note, the CVE-2017-2862, CVE-2017-2870, and CVE-2017-6311 issues only
affected Mageia 5.
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | gdk-pixbuf2.0 | 2.36.10-1.1.mga6 (unaffected), 2.36.10-1.1.mga6 (unaffected), 0 (affected), 0 (affected) | — |
| Mageia | gdk-pixbuf2.0 | 0 (affected), 2.32.3-1.1.mga5 (unaffected), 2.32.3-1.1.mga5 (unaffected), 0 (affected) | — |
| Mageia | purple-facebook | 0 (affected), 0.9.5-1.mga6 (unaffected) | — |
References
Browse GCVE Records
72,337 records in the GCVE database · Updated July 14, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.