Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <9a8b4efc-2322-475b-81ba-939d0f9c6878@aosc.io>
Date: Mon, 7 Apr 2025 23:07:55 +0800
From: Mingcong Bai <jeffbai@...c.io>
To: oss-security@...ts.openwall.com
Subject: Re: CVE-2025-31344: giflib: The giflib open-source
 component has a buffer overflow vulnerability.

Hi,

在 2025/4/7 21:15, 李亚杰 写道:
> Affected Versions:
> - giflib 5.2.2 and below
> 
> Description:
> In the function DumpScreen2RGB of the giflib software, an attempt is made to access the color map through ColorMapEntry. The size of ColorMap is 6 bytes (from 0x602000000030 to 0x602000000036). However, when accessing ColorMap->Colors[GifRow[j]], the value of GifRow[j] exceeds the actual number of colors stored. The address pointed to by ColorMapEntry, 0x602000000039, goes beyond the allocated memory range for color data. As a result, accessing ColorMapEntry->Red leads to out-of-bounds access, causing a heap-buffer-overflow.

Thanks for the disclosure, but any pointer to potential fixes or maybe a 
new release? I'm confused (because we distributions should now be 
working to mitigate, as it is now disclosed)...

Best Regards,
Mingcong Bai>
> Credits:
> JiaXuan Song(m202372152@...t.edu.cn)
> bale.cen(cenxianlong@...wei.com)
> 
> Best Regards,
> Yajie Li
> 
>

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.