Monthly Archives: July 2017

graphicsmagick: use-after-free in CloseBlob (blob.c)

Description: graphicsmagick is a collection of tools and libraries for many image formats. The complete ASan output of the issue: # gm identify $FILE ==20404==ERROR: AddressSanitizer: heap-use-after-free on address 0x6230000053c0 at pc 0x7fc01a253357 bp 0x7fffcd2d2630 sp 0x7fffcd2d2628 READ of size … Continue reading

Posted in advisories, security | Leave a comment

mpg123: global buffer overflow in III_i_stereo (layer3.c)

Description: mpg123 is a fast console MPEG Audio Player and decoder library. The complete ASan output of the issue: # mpg123-mpg123 -t $FILE ==10588==ERROR: AddressSanitizer: global-buffer-overflow on address 0x7f01025c5cbc at pc 0x7f010229bfe3 bp 0x7ffc988ac5b0 sp 0x7ffc988ac5a8 READ of size 4 … Continue reading

Posted in advisories, security | 1 Comment