Libpng stalls and consumes large quantities of memory while processing certain Portable Network Graphics (PNG) files.
When processing PNG files containing highly compressed ancillary chunks, the png_decompress_chunk() function in libpng can consume large amounts of CPU time and memory. This resource consumption may hang applications that use libpng. More information is available in the PNG Development Group security advisory and supplementary document, Defending Libpng Applications Against Decompression Bombs.
This vulnerability could allow an unauthenticated, remote attacker to cause a denial of service.
The PNG Development Group has released versions 1.4.1, 1.2.43, and 1.0.53, which provide more efficient decompression of ancillary chunks. This update decreases resource consumption associated with chunk decompression, but may not provide a complete defense unless coupled with appropriate memory limits.
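The defence the solution describes, a hard ceiling on how much an ancillary chunk is allowed to inflate to, as an added example that is not libpng's own code: it walks the chunk list of a PNG, feeds only the zTXt, iTXt and iCCP payloads to zlib, and stops at a fixed byte budget instead of trusting the stream to end. The chunk parsing, the 64 KiB budget and the constructed sample PNG are assumptions of this example.

```python
import struct
import zlib
PNG_SIGNATURE = b"\x89PNG\r\n\x1a\n"
COMPRESSED_ANCILLARY = {b"zTXt", b"iTXt", b"iCCP"}   # chunk types carrying a zlib stream

def zlib_stream_offset(ctype, data):
    """Offset of the zlib stream inside a compressed ancillary chunk, or None if uncompressed."""
    nul = data.index(b"\x00")                     # end of keyword / profile name
    if ctype != b"iTXt":
        return nul + 2                            # skip NUL + compression-method byte
    if data[nul + 1] != 1:                        # iTXt compression flag: 0 = stored as-is
        return None
    lang_end = data.index(b"\x00", nul + 3)       # language tag follows flag + method bytes
    return data.index(b"\x00", lang_end + 1) + 1  # past the translated keyword

def bounded_inflate(stream, max_out):
    """Inflate at most max_out + 1 bytes so a stream of exactly max_out can still finish cleanly."""
    d = zlib.decompressobj()
    out = d.decompress(stream, max_out + 1)       # zlib stops here; no unbounded allocation
    return out[:max_out], d.eof and len(out) <= max_out

def scan_png(png, max_inflated=64 * 1024):
    """Return [(chunk type, stored length, inflated bytes, complete)] per compressed ancillary chunk."""
    if not png.startswith(PNG_SIGNATURE):
        raise ValueError("not a PNG file")
    pos, report = len(PNG_SIGNATURE), []
    while pos + 8 <= len(png):
        length, ctype = struct.unpack(">I4s", png[pos:pos + 8])
        data = png[pos + 8:pos + 8 + length]
        pos += 12 + length                        # length + type + data + CRC
        if ctype in COMPRESSED_ANCILLARY:
            off = zlib_stream_offset(ctype, data)
            if off is not None:
                out, complete = bounded_inflate(data[off:], max_inflated)
                report.append((ctype.decode(), length, len(out), complete))
        if ctype == b"IEND":
            break
    return report

def make_chunk(ctype, data):
    """Serialise one PNG chunk: length, type, data, CRC over type + data."""
    return struct.pack(">I", len(data)) + ctype + data + struct.pack(">I", zlib.crc32(ctype + data))

def sample_png(comment):
    """Constructed 1x1 greyscale PNG carrying one zTXt chunk with the given comment text (assumed input)."""
    ihdr = make_chunk(b"IHDR", struct.pack(">IIBBBBB", 1, 1, 8, 0, 0, 0, 0))
    ztxt = make_chunk(b"zTXt", b"Comment\x00\x00" + zlib.compress(comment))
    idat = make_chunk(b"IDAT", zlib.compress(b"\x00\x00"))  # filter byte + one pixel
    return PNG_SIGNATURE + ihdr + ztxt + idat + make_chunk(b"IEND", b"")
```

A chunk whose `complete` flag is False either wanted more than the budget or was cut short, and either way the application should drop it rather than retry with a bigger buffer; inside libpng itself the equivalent application-side ceiling is png_set_chunk_malloc_max(), which the fixed releases provide but this note does not name.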
Vendor                              Status
Internet Initiative Japan, Inc.     Not Affected
Apple Inc.                          Unknown
Conectiva Inc.                      Unknown
Cray Inc.                           Unknown
Debian GNU/Linux                    Unknown
DragonFly BSD Project               Unknown
EMC Corporation                     Unknown
Engarde Secure Linux                Unknown
F5 Networks, Inc.                   Unknown
Fedora Project                      Unknown
FreeBSD Project                     Unknown
Gentoo Linux                        Unknown
Hewlett-Packard Company             Unknown
IBM Corporation                     Unknown
IBM Corporation (zseries)           Unknown
IBM eServer                         Unknown
Juniper Networks, Inc.              Unknown
Mandriva S. A.                      Unknown
Microsoft Corporation               Unknown
MontaVista Software, Inc.           Unknown
NEC Corporation                     Unknown
Novell, Inc.                        Unknown
Openwall GNU/*/Linux                Unknown
QNX Software Systems Inc.           Unknown
Red Hat, Inc.                       Unknown
SUSE Linux                          Unknown
Silicon Graphics, Inc.              Unknown
Slackware Linux Inc.                Unknown
Sony Corporation                    Unknown
Sun Microsystems, Inc.              Unknown
The SCO Group                       Unknown
Wind River Systems, Inc.            Unknown
This issue was reported by the PNG Development Group.
This document was written by David Warren.
Date First Published: 2010-03-02
Date Last Updated: 2010-03-02 14:58 UTC