DEBIAN-CVE-2026-22801

See a problem?
Please try reporting it to the source first.

Source

https://security-tracker.debian.org/tracker/CVE-2026-22801

Import Source

https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2026-22801.json

JSON Data

https://api.osv.dev/v1/vulns/DEBIAN-CVE-2026-22801

Upstream

CVE-2026-22801

Published

2026-01-12T23:15:52.907Z

Modified

2026-01-22T11:16:48.225944Z

Severity

7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. From 1.6.26 to 1.6.53, there is an integer truncation in the libpng simplified write API functions pngwriteimage16bit and pngwriteimage8bit causes heap buffer over-read when the caller provides a negative row stride (for bottom-up image layouts) or a stride exceeding 65535 bytes. The bug was introduced in libpng 1.6.26 (October 2016) by casts added to silence compiler warnings on 16-bit systems. This vulnerability is fixed in 1.6.54.

References

https://security-tracker.debian.org/tracker/CVE-2026-22801

Affected packages

Debian:11 / libpng1.6

Package

Name: libpng1.6
Purl: pkg:deb/debian/libpng1.6?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

1.*

1.6.37-3

1.6.37-3+deb11u1

1.6.37-4

1.6.37-5

1.6.38-1

1.6.38-2

1.6.39-1

1.6.39-2

1.6.40-1

1.6.40-2

1.6.40-3

1.6.41-1

1.6.42-1

1.6.42-1.1~exp1

1.6.43-1

1.6.43-1exp1

1.6.43-2

1.6.43-3

1.6.43-4

1.6.43-5

1.6.44-1

1.6.44-2

1.6.44-3

1.6.45-1

1.6.46-1

1.6.46-2

1.6.46-3

1.6.46-4

1.6.47-1

1.6.47-1.1

1.6.48-1

1.6.49-1~exp1

1.6.50-1~exp1

1.6.50-1

1.6.51-1

1.6.52-1

1.6.53-1

1.6.54-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Database specific

source

"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2026-22801.json"

Debian:12 / libpng1.6

Package

Name: libpng1.6
Purl: pkg:deb/debian/libpng1.6?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

1.*

1.6.39-2

1.6.39-2+deb12u1

1.6.40-1

1.6.40-2

1.6.40-3

1.6.41-1

1.6.42-1

1.6.42-1.1~exp1

1.6.43-1

1.6.43-1exp1

1.6.43-2

1.6.43-3

1.6.43-4

1.6.43-5

1.6.44-1

1.6.44-2

1.6.44-3

1.6.45-1

1.6.46-1

1.6.46-2

1.6.46-3

1.6.46-4

1.6.47-1

1.6.47-1.1

1.6.48-1

1.6.49-1~exp1

1.6.50-1~exp1

1.6.50-1

1.6.51-1

1.6.52-1

1.6.53-1

1.6.54-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Database specific

source

"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2026-22801.json"

Debian:13 / libpng1.6

Package

Name: libpng1.6
Purl: pkg:deb/debian/libpng1.6?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

1.*

1.6.48-1

1.6.48-1+deb13u1

1.6.49-1~exp1

1.6.50-1~exp1

1.6.50-1

1.6.51-1

1.6.52-1

1.6.53-1

1.6.54-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Database specific

source

"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2026-22801.json"

Debian:14 / libpng1.6

Package

Name: libpng1.6
Purl: pkg:deb/debian/libpng1.6?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

1.*

1.6.48-1

1.6.49-1~exp1

1.6.50-1~exp1

1.6.50-1

1.6.51-1

1.6.52-1

1.6.53-1

1.6.54-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Database specific

source

"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2026-22801.json"