[ALPINE:CVE-2021-40633] giflib vulnerability

Severity Medium

Affected Packages 8

Fixed Packages 8

CVEs 1

[From CVE-2021-40633] A memory leak (out-of-memory) in gif2rgb in util/gif2rgb.c in giflib 5.1.4 allows remote attackers trigger an out of memory exception or denial of service via a gif format file.

Package	Affected Version
pkg:apk/alpine/giflib?arch=x86_64&distro=alpine-edge	< 5.2.2-r0
pkg:apk/alpine/giflib?arch=x86&distro=alpine-edge	< 5.2.2-r0
pkg:apk/alpine/giflib?arch=s390x&distro=alpine-edge	< 5.2.2-r0
pkg:apk/alpine/giflib?arch=riscv64&distro=alpine-edge	< 5.2.2-r0
pkg:apk/alpine/giflib?arch=ppc64le&distro=alpine-edge	< 5.2.2-r0
pkg:apk/alpine/giflib?arch=armv7&distro=alpine-edge	< 5.2.2-r0
pkg:apk/alpine/giflib?arch=armhf&distro=alpine-edge	< 5.2.2-r0
pkg:apk/alpine/giflib?arch=aarch64&distro=alpine-edge	< 5.2.2-r0

Package	Fixed Version
pkg:apk/alpine/giflib?arch=x86_64&distro=alpine-edge	= 5.2.2-r0
pkg:apk/alpine/giflib?arch=x86&distro=alpine-edge	= 5.2.2-r0
pkg:apk/alpine/giflib?arch=s390x&distro=alpine-edge	= 5.2.2-r0
pkg:apk/alpine/giflib?arch=riscv64&distro=alpine-edge	= 5.2.2-r0
pkg:apk/alpine/giflib?arch=ppc64le&distro=alpine-edge	= 5.2.2-r0
pkg:apk/alpine/giflib?arch=armv7&distro=alpine-edge	= 5.2.2-r0
pkg:apk/alpine/giflib?arch=armhf&distro=alpine-edge	= 5.2.2-r0
pkg:apk/alpine/giflib?arch=aarch64&distro=alpine-edge	= 5.2.2-r0

ID

ALPINE:CVE-2021-40633

Severity

medium

URL

https://security.alpinelinux.org/vuln/CVE-2021-40633

Published

2022-06-14T11:15:10
(2 years ago)

Modified

2022-06-14T11:15:10
(2 years ago)

Rights

Alpine Linux Security Team

Other Advisories

Type	Package URL	Namespace	Name / Product	Version	Distribution / Platform	Arch
Fixed	pkg:apk/alpine/giflib?arch=x86_64&distro=alpine-edge	alpine	giflib	= 5.2.2-r0	alpine-edge	x86_64
Affected	pkg:apk/alpine/giflib?arch=x86_64&distro=alpine-edge	alpine	giflib	< 5.2.2-r0	alpine-edge	x86_64
Fixed	pkg:apk/alpine/giflib?arch=x86&distro=alpine-edge	alpine	giflib	= 5.2.2-r0	alpine-edge	x86
Affected	pkg:apk/alpine/giflib?arch=x86&distro=alpine-edge	alpine	giflib	< 5.2.2-r0	alpine-edge	x86
Fixed	pkg:apk/alpine/giflib?arch=s390x&distro=alpine-edge	alpine	giflib	= 5.2.2-r0	alpine-edge	s390x
Affected	pkg:apk/alpine/giflib?arch=s390x&distro=alpine-edge	alpine	giflib	< 5.2.2-r0	alpine-edge	s390x
Fixed	pkg:apk/alpine/giflib?arch=riscv64&distro=alpine-edge	alpine	giflib	= 5.2.2-r0	alpine-edge	riscv64
Affected	pkg:apk/alpine/giflib?arch=riscv64&distro=alpine-edge	alpine	giflib	< 5.2.2-r0	alpine-edge	riscv64
Fixed	pkg:apk/alpine/giflib?arch=ppc64le&distro=alpine-edge	alpine	giflib	= 5.2.2-r0	alpine-edge	ppc64le
Affected	pkg:apk/alpine/giflib?arch=ppc64le&distro=alpine-edge	alpine	giflib	< 5.2.2-r0	alpine-edge	ppc64le
Fixed	pkg:apk/alpine/giflib?arch=armv7&distro=alpine-edge	alpine	giflib	= 5.2.2-r0	alpine-edge	armv7
Affected	pkg:apk/alpine/giflib?arch=armv7&distro=alpine-edge	alpine	giflib	< 5.2.2-r0	alpine-edge	armv7
Fixed	pkg:apk/alpine/giflib?arch=armhf&distro=alpine-edge	alpine	giflib	= 5.2.2-r0	alpine-edge	armhf
Affected	pkg:apk/alpine/giflib?arch=armhf&distro=alpine-edge	alpine	giflib	< 5.2.2-r0	alpine-edge	armhf
Fixed	pkg:apk/alpine/giflib?arch=aarch64&distro=alpine-edge	alpine	giflib	= 5.2.2-r0	alpine-edge	aarch64
Affected	pkg:apk/alpine/giflib?arch=aarch64&distro=alpine-edge	alpine	giflib	< 5.2.2-r0	alpine-edge	aarch64

# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	Exploits	PoC	Pubblication Date	Modification Date
# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	PoC	Pubblication Date	Modification Date