CVE-2022-1507

chafa: NULL Pointer Dereference in function gifinternaldecodeframe at libnsgif.c:599 allows attackers to cause a denial of service (crash) via a crafted input file. in GitHub repository hpjansson/chafa prior to 1.10.2. chafa: NULL Pointer Dereference in function gifinternaldecodeframe at libnsgif.c:599 allows attackers to cause a denial of service (crash) via a crafted input file.

References

Affected packages

Git / github.com/hpjansson/chafa

Affected ranges

Type: GIT
Repo: https://github.com/hpjansson/chafa
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

e4b777c7b7c144cd16a0ea96108267b1004fe6c9

Affected versions

0.*

0.9.0

1.*

1.0.0

1.10.0

1.10.1

1.2.0

1.4.0

1.6.0

1.8.0

Database specific

vanir_signatures

[
    {
        "source": "https://github.com/hpjansson/chafa/commit/e4b777c7b7c144cd16a0ea96108267b1004fe6c9",
        "target": {
            "file": "libnsgif/libnsgif.c"
        },
        "id": "CVE-2022-1507-595d80cd",
        "deprecated": false,
        "signature_type": "Line",
        "signature_version": "v1",
        "digest": {
            "line_hashes": [
                "226139639360273292168531425569052750193",
                "128192117757469412337181797085380734841",
                "148165627436341425810271921761655786850"
            ],
            "threshold": 0.9
        }
    },
    {
        "source": "https://github.com/hpjansson/chafa/commit/e4b777c7b7c144cd16a0ea96108267b1004fe6c9",
        "target": {
            "function": "gif_internal_decode_frame",
            "file": "libnsgif/libnsgif.c"
        },
        "id": "CVE-2022-1507-848219be",
        "deprecated": false,
        "signature_type": "Function",
        "signature_version": "v1",
        "digest": {
            "function_hash": "37117809620763676497047265525472027561",
            "length": 5892.0
        }
    }
]