** Description changed:
The CImg library uses an unsafe pattern to calculate memory allocation
sizes. At least in the PNM file format parser, an attacker can trivially
supply width/height fields that overflow the heap and result in
arbitrary heap writes. This probably also affects other fi
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-25693
https://bugs.launchpad.net/bugs/1900983
Title:
Multiple heap buffer overflows caused by int overflow
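The size-calculation pattern the description refers to, shown beside a checked form, as an added example (not CImg's code and not part of the bug report). The function names and the `max_bytes` ceiling are assumptions, and the wrapping version uses unsigned 32-bit arithmetic so the wrap-around is well defined.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <limits>

// Unsafe pattern (illustrative): header dimensions are multiplied in a 32-bit
// type, so the product can wrap to a small value before it reaches the
// allocator, while later loops still iterate over the real width and height.
std::uint32_t wrapped_pixel_count(std::uint32_t width, std::uint32_t height) {
    return width * height;  // wraps modulo 2^32
}

// Checked form: multiply in 64 bits, test each step against a ceiling before
// multiplying, and reject zero dimensions. max_bytes is an assumed policy
// limit chosen by the caller (hypothetical parameter).
bool checked_image_bytes(std::uint64_t width, std::uint64_t height,
                         std::uint64_t channels, std::uint64_t bytes_per_sample,
                         std::uint64_t max_bytes, std::size_t *out) {
    const std::uint64_t dims[] = {width, height, channels, bytes_per_sample};
    std::uint64_t total = 1;
    for (std::uint64_t d : dims) {
        if (d == 0) return false;
        if (total > max_bytes / d) return false;  // total * d would exceed max_bytes
        total *= d;
    }
    if (total > std::numeric_limits<std::size_t>::max()) return false;
    *out = static_cast<std::size_t>(total);
    return true;
}

int main() {
    // Constructed header values: 65537 x 65537 wraps to a small 32-bit count.
    std::printf("wrapped count: %u\n",
                static_cast<unsigned>(wrapped_pixel_count(65537u, 65537u)));
    std::size_t n = 0;
    const std::uint64_t limit = 1ull << 30;  // assumed 1 GiB ceiling
    std::printf("65537x65537 accepted: %d\n",
                checked_image_bytes(65537, 65537, 1, 1, limit, &n));
    if (checked_image_bytes(640, 480, 3, 1, limit, &n))
        std::printf("640x480x3 bytes: %zu\n", n);
    return 0;
}
```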