GD Graphics Library gdImage*Ptr() Functions Double Free Vulnerability [CVE-2019-6978]
CVE number – CVE-2019-6978
A vulnerability in GD Graphics Library (libgd) could allow an unauthenticated, remote attacker to execute arbitrary code on a targeted system. The vulnerability is due to a double-free condition that exists in the gdImage*Ptr() functions, as defined in the gd_gif_out.c, gd_jpeg.c, and gd_wbmp.c source code files of the affected software. An attacker could exploit the vulnerability by sending crafted image data that submits malicious input to the targeted system. A successful exploit could trigger a double-free condition, which could result in a complete system compromise.Proof-of-concept code that demonstrates an exploit of this vulnerability is publicly available.The libgd project has confirmed the vulnerability, and software updates are available.
Analysis
- To exploit this vulnerability, the attacker must send a crafted image data to the targeted system, making exploitation more difficult in environments that restrict network access from untrusted sources.
Safeguards
- Administrators are advised to apply the appropriate updates.Administrators are advised to allow only trusted users to have network access.Administrators can help protect affected systems from external attacks by using a solid firewall strategy.Administrators may consider using IP-based access control lists (ACLs) to allow only trusted systems to access the affected systems.Administrators are advised to monitor affected systems.
Vendor Announcements
- The libgd project has released an issue report at the following link: Issue 492
Fixed Software
- The libgd project has released a software patch at the following link: Fix #492: Potential double-free in gdImage*Ptr()
Duncan is a technology professional with over 20 years experience of working in various IT roles. He has a interest in cyber security, and has a wide range of other skills in radio, electronics and telecommunications.