MGASA-2018-0044

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2018-0044.html

Import Source

https://advisories.mageia.org/MGASA-2018-0044.json

JSON Data

https://api.osv.dev/v1/vulns/MGASA-2018-0044

Published

2018-01-03T14:22:14Z

Modified

2026-04-16T04:27:05.640704Z

Summary

Updated wayland packages fix security vulnerability

Details

It is possible to trigger heap overflows due to an integer overflow while parsing images. The integer overflow occurs because the chosen limit 0x10000 for dimensions is too large for 32 bit systems, because each pixel takes 4 bytes. Properly chosen values allow an overflow which in turn will lead to less allocated memory than needed for subsequent reads (rhbz#1522638).

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

Affected packages

Mageia:5 / wayland

Package

Name: wayland
Purl: pkg:rpm/mageia/wayland?arch=source&distro=mageia-5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.6.0-2.1.mga5

Ecosystem specific

{
    "section": "core"
}

Database specific

source

"https://advisories.mageia.org/MGASA-2018-0044.json"

Mageia:6 / wayland

Package

Name: wayland
Purl: pkg:rpm/mageia/wayland?arch=source&distro=mageia-6

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.11.0-1.1.mga6

Ecosystem specific

{
    "section": "core"
}

Database specific

source

"https://advisories.mageia.org/MGASA-2018-0044.json"