REDHAT-BUG-2451819: Medium severity libpng vulnerability
libpng is the reference library for applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. In versions 1.6.36 through 1.6.55, an out-of-bounds read and write exists in libpng's ARM/AArch64 Neon-optimized palette expansion path. When expanding 8-bit paletted rows to RGB or RGBA, the Neon loop processes a final partial chunk without verifying that enough input pixels remain. Because the implementation works backward from the end of the row, the final iteration dereferences pointers before the start of the row buffer (OOB read) and writes expanded pixel data to the same underflowed positions (OOB write). This is reachable via normal decoding of attacker-controlled PNG input if Neon is enabled. Version 1.6.56 fixes the issue.
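To make the failure mode concrete, here is an added example in plain C; it is not libpng's code and does not reproduce its Neon implementation. It models the index arithmetic of a backward, chunked expansion loop that skips the remaining-pixel check (showing, without touching memory, how far before the row start such a loop would reach), and beside it a hardened in-place expansion that routes the leftover width % CHUNK pixels through a scalar tail. CHUNK, the palette layout (256 packed RGB triples), and the in-place row layout (indices in row[0..width), RGB in row[0..3*width)) are assumptions chosen for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Added example, not libpng code. CHUNK stands in for the number of palette
 * indices one Neon vector handles in the real library; the value is an
 * assumption chosen for illustration. */
#define CHUNK 8
#define MAX_WIDTH 64

/* Index arithmetic of a backward, chunked loop that never checks how many
 * pixels remain: starting at the row end, it steps back CHUNK pixels per
 * iteration until it passes the row start. Returns the lowest input index
 * the last iteration would touch; a negative value is the underflow the
 * advisory describes. No memory is dereferenced here. */
long lowest_unchecked_index(size_t width)
{
    long in = (long)width;
    while (in > 0)
        in -= CHUNK; /* "load CHUNK indices ending at in" */
    return in;
}

/* Expand CHUNK consecutive 8-bit palette indices starting at pixel `first`
 * to RGB, loading all indices before storing any output (as a vector
 * load/store pair would). Caller guarantees first + CHUNK <= width. */
static void expand_chunk(const uint8_t *palette, uint8_t *row, size_t first)
{
    uint8_t idx[CHUNK];
    memcpy(idx, row + first, CHUNK);
    for (size_t k = 0; k < CHUNK; k++) {
        uint8_t *out = row + 3 * (first + k);
        out[0] = palette[3 * idx[k]];
        out[1] = palette[3 * idx[k] + 1];
        out[2] = palette[3 * idx[k] + 2];
    }
}

/* In-place expansion of a row of `width` 8-bit palette indices (stored in
 * row[0..width)) to RGB (row[0..3*width)). Working backward means each
 * output pixel only overwrites indices that were already consumed. Full
 * chunks take the "vector" path; the width % CHUNK leftover pixels take a
 * scalar tail, so the loop never steps before row[0]. */
void expand_palette_rgb(const uint8_t *palette, uint8_t *row, size_t width)
{
    size_t remaining = width;
    while (remaining >= CHUNK) {
        remaining -= CHUNK;
        expand_chunk(palette, row, remaining);
    }
    while (remaining > 0) { /* scalar tail for the partial chunk */
        remaining--;
        uint8_t i = row[remaining];
        uint8_t *out = row + 3 * remaining;
        out[0] = palette[3 * i];
        out[1] = palette[3 * i + 1];
        out[2] = palette[3 * i + 2];
    }
}

/* Self-check on constructed data: palette entry n is (n, 255-n, n^0x5A),
 * pixel p holds index (p*37) & 0xFF. Returns 1 if every expanded pixel
 * matches its palette entry, 0 otherwise. */
int self_check(size_t width)
{
    uint8_t palette[256 * 3];
    uint8_t row[MAX_WIDTH * 3];
    if (width > MAX_WIDTH) return 0;
    for (int n = 0; n < 256; n++) {
        palette[3 * n] = (uint8_t)n;
        palette[3 * n + 1] = (uint8_t)(255 - n);
        palette[3 * n + 2] = (uint8_t)(n ^ 0x5A);
    }
    for (size_t p = 0; p < width; p++)
        row[p] = (uint8_t)((p * 37) & 0xFF);
    expand_palette_rgb(palette, row, width);
    for (size_t p = 0; p < width; p++) {
        uint8_t i = (uint8_t)((p * 37) & 0xFF);
        if (row[3 * p] != i || row[3 * p + 1] != (uint8_t)(255 - i) ||
            row[3 * p + 2] != (uint8_t)(i ^ 0x5A))
            return 0;
    }
    return 1;
}

int main(void)
{
    printf("lowest index an unchecked loop touches, width 13: %ld\n",
           lowest_unchecked_index(13));
    printf("hardened expansion, width 13: %s\n",
           self_check(13) ? "ok" : "MISMATCH");
    return 0;
}
```

For a width that is not a multiple of CHUNK (13 here), the unchecked arithmetic ends at index -3, which is exactly the read before the row start the advisory describes, and the corresponding stores would land at the same underflowed positions. The hardened routine handles widths 1, 13 and 16 identically from the caller's point of view because the tail loop absorbs whatever a full chunk would overrun.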
Frequently Asked Questions
What is the severity of REDHAT-BUG-2451819?
The severity of REDHAT-BUG-2451819 is considered high due to the potential for out-of-bounds read and write vulnerabilities.
How do I fix REDHAT-BUG-2451819?
To fix REDHAT-BUG-2451819, update libpng to 1.6.56 or later, as per the security patch provided by Red Hat.
What versions of libpng are affected by REDHAT-BUG-2451819?
Versions 1.6.36 through 1.6.55 of libpng are affected by REDHAT-BUG-2451819.
What type of vulnerability is associated with REDHAT-BUG-2451819?
REDHAT-BUG-2451819 is associated with out-of-bounds read and write vulnerabilities in the palette expansion path of libpng.
Can REDHAT-BUG-2451819 affect my application?
Yes, if your application uses an affected version of libpng, it is susceptible to the vulnerabilities identified in REDHAT-BUG-2451819.