← volver
CVE-2026-5201

Gdk-pixbuf: gdk-pixbuf: denial of service via heap-based buffer overflow when processing a specially crafted jpeg image

CVSS 7.5 HIGHEPSS 1.1%CWE-122
Vexday Risk Score
21Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 7.5EPSS 1.1%KEV nãoPoC Nuclei Metasploit Patch referenciado
Ciclo de vida
31 mar 2026Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
A flaw was found in the gdk-pixbuf library. This heap-based buffer overflow vulnerability occurs in the JPEG image loader due to improper validation of color component counts when processing a specially crafted JPEG image. A remote attacker can exploit this flaw without user interaction, for example, via thumbnail generation. Successful exploitation leads to application crashes and denial of service (DoS) conditions.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Productos afectados
Red Hat · Red Hat AI Inference Server 3.2Red Hat · Red Hat AI Inference Server 3.3Red Hat · Red Hat Enterprise Linux 10Red Hat · Red Hat Enterprise Linux 10.0 Extended Update SupportRed Hat · Red Hat Enterprise Linux 6Red Hat · Red Hat Enterprise Linux 7 Extended Lifecycle SupportRed Hat · Red Hat Enterprise Linux 8Red Hat · Red Hat Enterprise Linux 8.2 Advanced Update SupportRed Hat · Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update SupportRed Hat · Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-OnRed Hat · Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update SupportRed Hat · Red Hat Enterprise Linux 8.6 Telecommunications Update ServiceRed Hat · Red Hat Enterprise Linux 8.6 Update Services for SAP SolutionsRed Hat · Red Hat Enterprise Linux 8.8 Telecommunications Update ServiceRed Hat · Red Hat Enterprise Linux 8.8 Update Services for SAP SolutionsRed Hat · Red Hat Enterprise Linux 9Red Hat · Red Hat Enterprise Linux 9.0 Update Services for SAP SolutionsRed Hat · Red Hat Enterprise Linux 9.2 Update Services for SAP SolutionsRed Hat · Red Hat Enterprise Linux 9.4 Extended Update SupportRed Hat · Red Hat Enterprise Linux 9.6 Extended Update Support

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://access.redhat.com/errata/RHSA-2026:10707https://access.redhat.com/errata/RHSA-2026:10708https://access.redhat.com/errata/RHSA-2026:10741https://access.redhat.com/errata/RHSA-2026:11325https://access.redhat.com/errata/RHSA-2026:11326https://access.redhat.com/errata/RHSA-2026:11327https://access.redhat.com/errata/RHSA-2026:11328https://access.redhat.com/errata/RHSA-2026:11806https://access.redhat.com/errata/RHSA-2026:12060https://access.redhat.com/errata/RHSA-2026:12061https://access.redhat.com/errata/RHSA-2026:12062https://access.redhat.com/errata/RHSA-2026:12114