Vulnerability Note VU#576029
libpng stalls on highly compressed ancillary chunks
Libpng stalls and consumes large quantities of memory while processing certain Portable Network Graphics (PNG) files.
When processing PNG files containing highly compressed ancillary chunks, the png_decompress_chunk() function in libpng can consume large amounts of CPU time and memory. This resource consumption may hang applications that use libpng. More information is available in the PNG Development Group security advisory and supplementary document, Defending Libpng Applications Against Decompression Bombs.
This vulnerability could allow an unauthenticated, remote attacker to cause a denial of service.
The PNG Development Group has released versions 1.4.1, 1.2.43, and 1.0.53, which provide more efficient decompression of ancillary chunks. This update decreases resource consumption associated with chunk decompression, but may not provide a complete defense unless coupled with appropriate memory limits.
Systems Affected (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|Internet Initiative Japan, Inc.||Not Affected||16 Feb 2010||02 Mar 2010|
|Apple Inc.||Unknown||16 Feb 2010||16 Feb 2010|
|Conectiva Inc.||Unknown||16 Feb 2010||16 Feb 2010|
|Cray Inc.||Unknown||16 Feb 2010||16 Feb 2010|
|Debian GNU/Linux||Unknown||16 Feb 2010||16 Feb 2010|
|DragonFly BSD Project||Unknown||16 Feb 2010||16 Feb 2010|
|EMC Corporation||Unknown||16 Feb 2010||16 Feb 2010|
|Engarde Secure Linux||Unknown||16 Feb 2010||16 Feb 2010|
|F5 Networks, Inc.||Unknown||16 Feb 2010||16 Feb 2010|
|Fedora Project||Unknown||16 Feb 2010||16 Feb 2010|
|FreeBSD Project||Unknown||16 Feb 2010||16 Feb 2010|
|Fujitsu||Unknown||16 Feb 2010||16 Feb 2010|
|Gentoo Linux||Unknown||16 Feb 2010||16 Feb 2010|
|Hewlett-Packard Company||Unknown||16 Feb 2010||16 Feb 2010|
|Hitachi||Unknown||16 Feb 2010||16 Feb 2010|
CVSS Metrics (Learn More)
This issue was reported by the PNG Development Group .
This document was written by David Warren.
- CVE IDs: CVE-2010-0205
- Date Public: 01 Mar 2010
- Date First Published: 02 Mar 2010
- Date Last Updated: 02 Mar 2010
- Severity Metric: 0.85
- Document Revision: 16
If you have feedback, comments, or additional information about this vulnerability, please send us email.