CVE-2018-14553 - gdImageClone in gd.c in libgd 2.1.0-rc2 through 2.2.5 has a NULL pointer dereference allowing attack

CVE-2018-14553

Summary

gdImageClone in gd.c in libgd 2.1.0-rc2 through 2.2.5 has a NULL pointer dereference allowing attackers to crash an application via a specific function call sequence. Only affects PHP when linked with an external libgd (not bundled).

References

Vulnerable Configurations

cpe:2.3:a:libgd:libgd:2.1.0:-:*:*:*:*:*:*
cpe:2.3:a:libgd:libgd:2.1.0:-:*:*:*:*:*:*
cpe:2.3:a:libgd:libgd:2.1.0:rc2:*:*:*:*:*:*
cpe:2.3:a:libgd:libgd:2.1.0:rc2:*:*:*:*:*:*
cpe:2.3:a:libgd:libgd:2.1.1:*:*:*:*:*:*:*
cpe:2.3:a:libgd:libgd:2.1.1:*:*:*:*:*:*:*
cpe:2.3:a:libgd:libgd:2.2.0:*:*:*:*:*:*:*
cpe:2.3:a:libgd:libgd:2.2.0:*:*:*:*:*:*:*
cpe:2.3:a:libgd:libgd:2.2.1:*:*:*:*:*:*:*
cpe:2.3:a:libgd:libgd:2.2.1:*:*:*:*:*:*:*
cpe:2.3:a:libgd:libgd:2.2.2:*:*:*:*:*:*:*
cpe:2.3:a:libgd:libgd:2.2.2:*:*:*:*:*:*:*
cpe:2.3:a:libgd:libgd:2.2.3:*:*:*:*:*:*:*
cpe:2.3:a:libgd:libgd:2.2.3:*:*:*:*:*:*:*
cpe:2.3:a:libgd:libgd:2.2.4:*:*:*:*:*:*:*
cpe:2.3:a:libgd:libgd:2.2.4:*:*:*:*:*:*:*
cpe:2.3:a:libgd:libgd:2.2.5:*:*:*:*:*:*:*
cpe:2.3:a:libgd:libgd:2.2.5:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*

CVSS

Base:	4.3 (as of 30-12-2021 - 22:04)
Impact:
Exploitability:

CWE

CWE-476

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
NONE	NONE	PARTIAL

cvss-vector via4

AV:N/AC:M/Au:N/C:N/I:N/A:P

redhat via4

rpms

gd-0:2.2.5-7.el8
gd-debuginfo-0:2.2.5-7.el8
gd-debugsource-0:2.2.5-7.el8
gd-devel-0:2.2.5-7.el8
gd-progs-debuginfo-0:2.2.5-7.el8

refmap via4

fedora	FEDORA-2020-e795f92d79
misc	https://bugzilla.redhat.com/show_bug.cgi?id=1599032 https://github.com/libgd/libgd/commit/a93eac0e843148dc2d631c3ba80af17e9c8c860f https://github.com/libgd/libgd/pull/580
mlist	[debian-lts-announce] 20200218 [SECURITY] [DLA 2106-1] libgd2 security update
suse	openSUSE-SU-2020:0332
ubuntu	USN-4316-1 USN-4316-2

Last major update

30-12-2021 - 22:04

Published

11-02-2020 - 13:15

Last modified

30-12-2021 - 22:04