Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

Debian LTS Advisory ([SECURITY] [DLA 1567-1] gthumb security update)

Information

Severity

Severity

Medium

Family

Family

Debian Local Security Checks

CVSSv2 Base

CVSSv2 Base

4.6

CVSSv2 Vector

CVSSv2 Vector

AV:L/AC:L/Au:N/C:P/I:P/A:P

Solution Type

Solution Type

Vendor Patch

Created

Created

5 years ago

Modified

Modified

5 years ago

Summary

CVE-2018-18718 - CWE-415: Double Free The product calls free() twice on the same memory address, potentially leading to modification of unexpected memory locations. There is a suspected double-free bug with static void add_themes_from_dir() dlg-contact-sheet.c. This method involves two successive calls of g_free(buffer) (line 354 and 373), and is likely to cause double-free of the buffer. One possible fix could be directly assigning the buffer to NULL after the first call of g_free(buffer).

Affected Software

Affected Software

gthumb on Debian Linux

Detection Method

Detection Method

This check tests the installed software version using the apt package manager.

Solution

Solution

For Debian 8 'Jessie', this problem has been fixed in version 3:3.3.1-2.1+deb8u1 We recommend that you upgrade your gthumb packages.

Common Vulnerabilities and Exposures (CVE)