[3.5] gimp: Use-after-free vulnerabilities in the channel and layer properties parsing proces (CVE-2016-4994)ID: oval:org.secpod.oval:def:1800586 | Date: (C)2018-03-28 (M)2023-02-20 |
Class: PATCH | Family: unix |
The properties PROP_ACTIVE_LAYER, PROP_FLOATING_SELECTION, PROP_ACTIVE_CHANNEL saves the current object pointer the @info structure. Others like PROP_SELECTION and PROP_GROUP_ITEM will delete the current object and create a new object, leaving the pointers in @info invalid .
Platform: |
Alpine Linux 3.5 |