Pardus: 2010-41: Libpng: Denial of Service
Posted by Benjamin D. Thomas   
A vulnerability has been reported in libpng, which can be exploited by malicious people to cause a DoS (Denial of Service).
------------------------------------------------------------------------
Pardus Linux Security Advisory 2010-41            security@pardus.org.tr
------------------------------------------------------------------------
      Date: 2010-03-29
  Severity: 3
      Type: Local
------------------------------------------------------------------------

Summary
======
A vulnerability has been reported in libpng, which can be exploited  by
malicious people to cause a DoS (Denial of Service).


Description
==========
The png_decompress_chunk function in  pngrutil.c  in  libpng  does  not
properly   handle compressed   ancillary-chunk   data   that   has   a
disproportionately  large uncompressed  representation,  which  allows
remote  attackers to  cause  a  denial  of  service  (memory  and  CPU
consumption,  and application  hang)  via  a  crafted  PNG  file,   as
demonstrated by use of the deflate compression method on data  composed
of many occurrences of the same character, related to a  "decompression
bomb" attack.


Affected packages:

    libpng-1.2.43-21-6, all before 2009

    libpng-1.2.43-20-10, all before 2008



Resolution
=========
There are update(s) for libpng-1.2.43-21-6, libpng-1.2.43-20-10. You can
update them via Package Manager or with a single command from console:

    pisi up libpng-1.2.43-21-6 libpng-1.2.43-20-10

References
=========
  * http://bugs.pardus.org.tr/show_bug.cgi?id384
  * http://www.kb.cert.org/vuls/id/576029
  * http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0205

------------------------------------------------------------------------