CVE-2019-7317

medium

Published 2019-02-04 · Modified 2019-09-02

💬 Discuss on Community ✚ Propose mitigation

CVSS v3

5.3

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H

CVSS v4 NEW

—

not yet in upstream

VIR risk

5.3

Description

png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute.

Predictions

Exploit likelihood

63%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

No mitigations published for this CVE yet.

The vendor-content worker queues fetches as references arrive (check back in a few minutes). Or — if you've already worked around this in production — publish your fix to the community-verified tier.

✚ Propose a mitigation on Community → Mitigations published via the community go through AI scoring + 2 human reviewers + 7-day silent objection window before landing here with source_tier=community-verified.

OS impact

SUSE Affected 4 releases

Version	Status	Fixed in
42.3	Affected	—
15.1	Affected	—
15.0	Affected	—
—	Affected	—

Ubuntu Affected 4 releases

Version	Status	Fixed in
19.04	Affected	—
18.10	Affected	—
18.04	Affected	—
16.04	Affected	—

Debian Mixed 7 releases

Version	Status	Fixed in
trixie	Fixed	`60.7.0esr-1`
sid	Fixed	`67.0-2`
forky	Fixed	`60.7.0esr-1`
bullseye	Fixed	`60.7.0esr-1`
bookworm	Fixed	`60.7.0esr-1`
9.0	Affected	—
8.0	Affected	—

Red Hat Mixed 4 releases

Version	Status	Fixed in
8.0	Affected	—
8	Fixed	—
7.0	Affected	—
6.0	Affected	—

Arch Fixed 1 release

Version	Status	Fixed in
—	Fixed	`67.0-1`

Application impact

Vendor	Product	Versions	Fixed
libpng	libpng	`{"startIncluding":"1.6.0","endExcluding":"1.6.37"}`	`1.6.37`
oracle	hyperion_infrastructure_technology	`11.2.6.0`
oracle	java_se	`7u221`
oracle	java_se	`8u212`
oracle	jdk	`11.0.3`
oracle	jdk	`12.0.1`
oracle	mysql	`{"endExcluding":"8.0.23"}`	`8.0.23`
hp	xp7_command_view	`{"endExcluding":"8.7.0-00"}`	`8.7.0-00`
hpe	xp7_command_view_advanced_edition_suite	`{"endExcluding":"8.7.0-00"}`	`8.7.0-00`
mozilla	firefox	`-`
mozilla	thunderbird	`-`
opensuse	package_hub	`-`
netapp	active_iq_unified_manager	`{"endExcluding":"9.6"}`	`9.6`
netapp	active_iq_unified_manager	`9.6`
netapp	cloud_backup	`-`
netapp	e-series_santricity_management	`-`
netapp	e-series_santricity_storage_manager	`{"endExcluding":"11.53"}`	`11.53`
netapp	e-series_santricity_unified_manager	`{"endExcluding":"3.2"}`	`3.2`
netapp	e-series_santricity_web_services	`{"endExcluding":"4.0"}`	`4.0`
netapp	oncommand_insight	`{"endExcluding":"7.3.9"}`	`7.3.9`
netapp	oncommand_workflow_automation	`{"endExcluding":"5.1"}`	`5.1`
netapp	plug-in_for_symantec_netbackup	`-`
netapp	snapmanager	`{"endExcluding":"3.4.2"}`	`3.4.2`
netapp	snapmanager	`3.4.2`
netapp	steelstore	`-`
redhat	satellite	`5.8`

References

CWEs

CWE-416

Community-verified mitigations for this CVE will appear above when contributors publish them.

Verify integrity in audit chain (admin only). AS-IS.