We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,258 News Articles

New set of Linux security flaws discovered

Patches released by vendors

A security researcher has uncovered another set of security flaws in an image component, which could put Linux users at risk of system compromise if they view a maliciously crafted image.

The bugs, in the imlib image library found in most Linux systems, haven't been patched by the library's developer, but Linux vendors are currently rushing out patches. So far the Gentoo Foundation, Novell's SuSE business unit and others have released fixes.

Researcher Pavel Kankovsky found that several integer overflows in image decoding routines could be exploited to cause buffer overflows and potentially execute malicious code on a user's system, according to advisories from Suse, Gentoo and independent security firm Secunia. The bugs can be exploited by tricking a user into viewing a specially crafted image in one of the many applications linked to imlib.

Imlib is one of the most popular image manipulation and rendering libraries available, according to open source developers, and was the rendering engine for the Gnome user interface until the release of Gnome 2.0.

In September a similar bug affected both imlib 1.x and imlib2 1.x. Other imaging-related components in Linux, Windows and other platforms, have been hit by bugs this year. One of the most serious was a Jpeg-rendering flaw in Windows, which was patched in mid-September. A few days later attackers began exploiting the flaw with pornographic images posted to Usenet news groups.

IDG UK Sites

6 best gaming PCs 2015: What's the best gaming PC you can buy in the UK?

IDG UK Sites

Three of the most expensive Limited Edition games ever made: Who's buying a $1,000,000 game?

IDG UK Sites

The future of Microsoft Surface: What to expect from the Surface Pro 4

IDG UK Sites

Best Mac: Apple Mac buyers guide for 2015: iMac, MacBook, MacBook Air, MacBook Pro, Mac mini and...