CVE-2022-44617
CVSS V2 None
CVSS V3 None
Description
A flaw was found in libXpm. When processing a file with width of 0 and a very large height, some parser functions will be called repeatedly and can lead to an infinite loop, resulting in a Denial of Service in the application linked to the library.
Overview
- CVE ID
- CVE-2022-44617
- Assigner
- secalert@redhat.com
- Vulnerability Status
- Modified
- Published Version
- 2023-02-06T23:15:09
- Last Modified Date
- 2023-03-03T15:15:10
Weakness Enumerations
CPE Configuration (Product)
| CPE | Vulnerable | Operator | Version Start | Version End |
|---|---|---|---|---|
| cpe:2.3:a:libxpm_project:libxpm:*:*:*:*:*:*:*:* | 1 | OR | 3.5.15 |
References
| Reference URL | Reference Tags |
|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=2160193 | Issue Tracking Patch Third Party Advisory |
| https://gitlab.freedesktop.org/xorg/lib/libxpm/-/commit/f80fa6ae47ad4a5beacb28 | |
| https://gitlab.freedesktop.org/xorg/lib/libxpm/-/merge_requests/9 | |
| https://lists.x.org/archives/xorg-announce/2023-January/003312.html |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2022-44617 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44617 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2023-04-17 07:19:05 | Added to TrackCVE | |||
| 2023-04-17 07:19:08 | Weakness Enumeration | new |