Vulnerabilities > CVE-2021-20240 - Integer Underflow (Wrap or Wraparound) vulnerability in multiple products

047910
CVSS 8.8 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
network
low complexity
gnome
fedoraproject
CWE-191

Summary

A flaw was found in gdk-pixbuf in versions before 2.42.0. An integer wraparound leading to an out of bounds write can occur when a crafted GIF image is loaded. An attacker may cause applications to crash or could potentially execute code on the victim system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Vulnerable Configurations

Part Description Count
Application
Gnome
123
OS
Fedoraproject
2

Common Weakness Enumeration (CWE)