{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2022-48622", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2024-08-26T19:25:00.545Z", "dateReserved": "2024-01-26T00:00:00", "datePublished": "2024-01-26T00:00:00"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2024-01-26T08:07:20.716235"}, "descriptions": [{"lang": "en", "value": "In GNOME GdkPixbuf (aka gdk-pixbuf) through 2.42.10, the ANI (Windows animated cursor) decoder encounters heap memory corruption (in ani_load_chunk in io-ani.c) when parsing chunks in a crafted .ani file. A crafted file could allow an attacker to overwrite heap metadata, leading to a denial of service or code execution attack. This occurs in gdk_pixbuf_set_option() in gdk-pixbuf.c."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/issues/202"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T15:17:55.258Z"}, "title": "CVE Program Container", "references": [{"url": "https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/issues/202", "tags": ["x_transferred"]}]}, {"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-787", "lang": "en", "description": "CWE-787 Out-of-bounds Write"}]}], "affected": [{"vendor": "gnome", "product": "gdkpixbuf", "cpes": ["cpe:2.3:a:gnome:gdkpixbuf:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "2.42.10", "versionType": "custom"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2024-08-26T19:23:51.698580Z", "id": "CVE-2022-48622", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-26T19:25:00.545Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/issues/202", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T15:17:55.258Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2022-48622", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-08-26T19:23:51.698580Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:gnome:gdkpixbuf:*:*:*:*:*:*:*:*"], "vendor": "gnome", "product": "gdkpixbuf", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "2.42.10"}], "defaultStatus": "unknown"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-787", "description": "CWE-787 Out-of-bounds Write"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-26T19:24:18.322Z"}}], "cna": {"affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "references": [{"url": "https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/issues/202"}], "descriptions": [{"lang": "en", "value": "In GNOME GdkPixbuf (aka gdk-pixbuf) through 2.42.10, the ANI (Windows animated cursor) decoder encounters heap memory corruption (in ani_load_chunk in io-ani.c) when parsing chunks in a crafted .ani file. A crafted file could allow an attacker to overwrite heap metadata, leading to a denial of service or code execution attack. This occurs in gdk_pixbuf_set_option() in gdk-pixbuf.c."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "n/a"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2024-01-26T08:07:20.716235"}}}, "cveMetadata": {"cveId": "CVE-2022-48622", "state": "PUBLISHED", "dateUpdated": "2024-08-26T19:25:00.545Z", "dateReserved": "2024-01-26T00:00:00", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2024-01-26T00:00:00", "assignerShortName": "mitre"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:gnome:gdkpixbuf:*:*:*:*:*:*:*:*", "matchCriteriaId": "FFAFB1D2-977E-4F83-A644-EC034FB0A447", "versionEndIncluding": "2.42.10", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "In GNOME GdkPixbuf (aka gdk-pixbuf) through 2.42.10, the ANI (Windows animated cursor) decoder encounters heap memory corruption (in ani_load_chunk in io-ani.c) when parsing chunks in a crafted .ani file. A crafted file could allow an attacker to overwrite heap metadata, leading to a denial of service or code execution attack. This occurs in gdk_pixbuf_set_option() in gdk-pixbuf.c."}, {"lang": "es", "value": "En GNOME GdkPixbuf (tambi\u00e9n conocido como gdk-pixbuf) hasta 2.42.10, el decodificador ANI (cursor animado de Windows) encuentra corrupci\u00f3n en la memoria del mont\u00f3n (en ani_load_chunk en io-ani.c) al analizar fragmentos en un archivo .ani manipulado. Un archivo manipulado podr\u00eda permitir a un atacante sobrescribir metadatos del mont\u00f3n, lo que provocar\u00eda una denegaci\u00f3n de servicio o un ataque de ejecuci\u00f3n de c\u00f3digo. Esto ocurre en gdk_pixbuf_set_option() en gdk-pixbuf.c."}], "id": "CVE-2022-48622", "lastModified": "2024-11-21T07:33:37.483", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2024-01-26T09:15:07.570", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "Issue Tracking"], "url": "https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/issues/202"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Issue Tracking"], "url": "https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/issues/202"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-787"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{"affected_release": [{"advisory": "RHSA-2024:3341", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "gdk-pixbuf2-0:2.36.12-6.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:3341", "cpe": "cpe:/o:redhat:enterprise_linux:8", "package": "gdk-pixbuf2-0:2.36.12-6.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:3834", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "gdk-pixbuf2-0:2.42.6-4.el9_4", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-06-11T00:00:00Z"}], "bugzilla": {"description": "gnome: heap memory corruption on gdk-pixbuf", "id": "2260545", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2260545"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.3", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "status": "verified"}, "cwe": "CWE-787", "details": ["In GNOME GdkPixbuf (aka gdk-pixbuf) through 2.42.10, the ANI (Windows animated cursor) decoder encounters heap memory corruption (in ani_load_chunk in io-ani.c) when parsing chunks in a crafted .ani file. A crafted file could allow an attacker to overwrite heap metadata, leading to a denial of service or code execution attack. This occurs in gdk_pixbuf_set_option() in gdk-pixbuf.c.", "A flaw was found in GNOME's GdkPixbuf library, a library used to load image data in various formats used by GDK for handling graphical assets. This issue occurs when loading a crafted ANI (animated cursor file) file, which may lead to a heap based out-of-bounds write, causing memory corruption. When a successful attack is in place, it can lead to a denial of service or in some cases arbitrary code execution."], "mitigation": {"lang": "en:us", "value": "This flaw can be mitigated by the user avoiding to load .ani files from untrusted sources."}, "name": "CVE-2022-48622", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "gdk-pixbuf2", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "gdk-pixbuf2", "product_name": "Red Hat Enterprise Linux 7"}], "public_date": "2024-01-26T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2022-48622\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-48622"], "statement": "The vulnerability in the GdkPixbuf library, allowing for heap-based out-of-bounds writes when loading crafted ANI files, poses a moderate severity risk. While the flaw could lead to memory corruption and potential denial of service or arbitrary code execution, its impact is somewhat mitigated by factors such as the need for the attacker to craft specifically malicious ANI files and the requirement for user interaction to open these files. Additionally, exploitation is limited to systems where GdkPixbuf is used to handle ANI files, reducing the overall attack surface.", "threat_severity": "Moderate"}