Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

CVE-2017-6311

Published: 9 March 2017

gdk-pixbuf-thumbnailer.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors related to printing an error message.

Priority

Low

Cvss 3 Severity Score

7.5

Score breakdown

Status

Package Release Status
gdk-pixbuf
Launchpad, Ubuntu, Debian 		precise Ignored
(end of life)
trusty
Released (2.30.7-0ubuntu1.7)
upstream Needs triage

xenial
Released (2.32.2-1ubuntu1.3)
yakkety Ignored
(end of life)
zesty
Released (2.36.5-3ubuntu0.2)
Patches:
upstream: https://git.gnome.org/browse/gdk-pixbuf/commit/?id=57362ed4c1f37c05723e25e136327e262f32d35f
upstream: https://git.gnome.org/browse/gdk-pixbuf/commit/?id=758655315bc3760c2d646e1e935f7448847073af
upstream: https://git.gnome.org/browse/gdk-pixbuf/commit/?id=67a02e1bfef1ae8f7fa50ca36f6d922c1b6d3ed6

Severity score breakdown

Parameter Value
Base score 7.5
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Scope Unchanged
Confidentiality None
Integrity impact None
Availability impact High
Vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References

Bugs

Join the discussion

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›

Further reading