CVE-2024-25448

Name
CVE-2024-25448
Description
An issue in the imlib_free_image_and_decache function of imlib2 v1.9.1 allows attackers to cause a heap buffer overflow via parsing a crafted image.
NVD Severity
unknown
Other trackers
CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia
Mailing lists
oss-security, full-disclosure, bugtraq
Exploits
Exploit DB, Metasploit
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
cve@mitre.org https://git.enlightenment.org/old/legacy-imlib2/issues/20
cve@mitre.org https://github.com/derf/feh/issues/711

Match rules

CPE URI Source package Min version Max version
cpe:2.3:a:enlightenment:imlib2:1.9.1:*:*:*:*:*:*:* imlib2 == None == 1.9.1

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
imlib2 3.17-main 1.9.1-r2 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable