Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2017-7890

The GIF decoding function gdImageCreateFromGifCtx in gd_gif_in.c in the GD Graphics Library (aka libgd), as used in PHP before 5.6.31 and 7.x before 7.1.7, does not zero colorMap arrays before use. A specially crafted GIF image could use the uninitialized tables to read ~700 bytes from the top of the stack, potentially disclosing sensitive information.

Related bugs and status

CVE-2017-7890 (Candidate) is related to these bugs:

Bug #1717016: FTBFS in Artful on i386

Summary				In	Importance	Status
	1717016	FTBFS in Artful on i386		libgd2 (Ubuntu)	Undecided	Fix Released
	1717016	FTBFS in Artful on i386		libgd2 (Debian)	Unknown	Fix Released

See the

CVE page on Mitre.org for more details.

References

CONFIRM: http://php.net/ChangeL...
CONFIRM: http://php.net/ChangeL...
CONFIRM: https://bugs.php.net/b...
CONFIRM: https://bugs.php.net/p...
BID: 99492
CONFIRM: https://www.tenable.co...
DEBIAN: DSA-3938
CONFIRM: https://security.netap...
REDHAT: RHSA-2018:0406
REDHAT: RHSA-2018:1296