oss-sec mailing list archives

Re: CVE-2025-31344: giflib: The giflib open-source component has a buffer overflow vulnerability.


From: Hanno Böck <hanno () hboeck de>
Date: Mon, 7 Apr 2025 18:03:44 +0200

On Mon, 07 Apr 2025 21:15:25 +0800
李亚杰 <liyajie () openeuler sh> wrote:

> In the function DumpScreen2RGB of the giflib software, an attempt is
> made to access the color map through ColorMapEntry. The size of
> ColorMap is 6 bytes (from 0x602000000030 to 0x602000000036). However,
> when accessing ColorMap->Colors[GifRow[j]], the value of GifRow[j]
> exceeds the actual number of colors stored. The address pointed to by
> ColorMapEntry, 0x602000000039, goes beyond the allocated memory range
> for color data. As a result, accessing ColorMapEntry->Red leads to
> out-of-bounds access, causing a heap-buffer-overflow.

I... think I reported this in 2016 already:
https://sourceforge.net/p/giflib/bugs/79/

The bug was closed without a fix, yet with giflib's author claiming
multiple times that it was fixed.

-- 
Hanno Böck
https://hboeck.de/
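As an added illustration (not giflib's code and not part of either mail), here is the palette lookup pattern the report describes with the missing bounds check in place. The types are minimal stand-ins for giflib's ColorMapObject/GifColorType, and the sample data is constructed to match the report: a 2-entry (6-byte) color map and a pixel index of 3, which would land 9 bytes past the start of the map.

```c
#include <stddef.h>
#include <stdio.h>

/* Minimal stand-ins mirroring the giflib types involved (constructed for
 * this example; real code would use the definitions in gif_lib.h). */
typedef unsigned char GifByteType;
typedef struct { GifByteType Red, Green, Blue; } GifColorType;
typedef struct { int ColorCount; GifColorType *Colors; } ColorMapObject;

/* Convert one row of palette indices to packed RGB bytes.
 * Unlike an unchecked ColorMap->Colors[GifRow[j]] lookup, each index is
 * compared against ColorCount first. Out-of-range pixels are emitted as
 * black instead of reading past the end of Colors; the count of such
 * pixels is returned so a caller can reject or log the malformed image. */
static int row_to_rgb_checked(const ColorMapObject *map,
                              const GifByteType *row, size_t width,
                              GifByteType *out /* 3 * width bytes */)
{
    int bad = 0;
    for (size_t j = 0; j < width; j++) {
        int idx = row[j];
        if (map == NULL || idx >= map->ColorCount) {
            out[3 * j] = out[3 * j + 1] = out[3 * j + 2] = 0;
            bad++;
            continue;
        }
        const GifColorType *e = &map->Colors[idx];
        out[3 * j] = e->Red;
        out[3 * j + 1] = e->Green;
        out[3 * j + 2] = e->Blue;
    }
    return bad;
}

/* Constructed sample: two colors (6 bytes) and a row whose last index, 3,
 * would otherwise be read from 9 bytes past the map's first byte. */
static GifColorType sample_colors[2] = { {255, 0, 0}, {0, 0, 255} };
static ColorMapObject sample_map = { 2, sample_colors };
static const GifByteType sample_row[4] = { 0, 1, 1, 3 };

int demo_bad_pixels(GifByteType out[12])
{
    return row_to_rgb_checked(&sample_map, sample_row, 4, out);
}

int main(void)
{
    GifByteType out[12];
    printf("%d out-of-range palette index(es) rejected\n",
           demo_bad_pixels(out));
    return 0;
}
```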
