Headline
CVE-2023-48161: GIFLIB / Bugs / #167 Heap-Buffer Overflow during Image Saving in DumpScreen2RGB Function at Line 321 of gif2rgb.c
Buffer Overflow vulnerability in GifLib Project GifLib v.5.2.1 allows a local attacker to obtain sensitive information via the DumpScreen2RGB function in gif2rgb.c.
A heap-buffer overflow occurs during the image saving process within the DumpScreen2RGB function in gif2rgb.c, specifically between lines 321 and 323. This vulnerability manifests when a specially crafted GIF is processed for output. It is important to note that this issue is distinct from CVE-2022-28506. While the [5b74cd] commit effectively addresses CVE-2022-28506, it does not provide a resolution for this particular heap-buffer overflow problem. Consequently, even after applying the patch associated with CVE-2022-28506, the heap buffer overflow in question remains unmitigated.
The provided proof of concept (POC) successfully replicates the crash even if the 5b74cd commit (CVE-2022-28506) is applied.
POC crash on line 321 using the following -o output command:
./giflib-5.2.1/gif2rgb -o out poc_crash
The POC_crash file is included.
Related news
Ubuntu Security Notice 6824-1 - It was discovered that GIFLIB incorrectly handled certain GIF files. An attacker could possibly use this issue to cause a denial of service.
There is a heap-buffer-overflow in GIFLIB 5.2.1 function DumpScreen2RGB() in gif2rgb.c:298:45.