CVE-2019-11038
Summary
| CVE | CVE-2019-11038 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2019-06-19 00:15:00 UTC |
| Updated | 2023-11-07 03:02:00 UTC |
| Description | When using the gdImageCreateFromXbm() function in the GD Graphics Library (aka LibGD) 2.2.5, as used in the PHP GD extension in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6, it is possible to supply data that will cause the function to use the value of uninitialized variable. This may lead to disclosing contents of the stack that has been left there by previous code. |
Risk And Classification
Problem Types: CWE-908
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Operating System | Canonical | Ubuntu Linux | 14.04 | All | All | All |
| Operating System | Canonical | Ubuntu Linux | 16.04 | All | All | All |
| Operating System | Canonical | Ubuntu Linux | 18.04 | All | All | All |
| Operating System | Canonical | Ubuntu Linux | 19.10 | All | All | All |
| Operating System | Canonical | Ubuntu Linux | 14.04 | All | All | All |
| Operating System | Canonical | Ubuntu Linux | 16.04 | All | All | All |
| Operating System | Canonical | Ubuntu Linux | 18.04 | All | All | All |
| Operating System | Canonical | Ubuntu Linux | 19.10 | All | All | All |
| Operating System | Debian | Debian Linux | 8.0 | All | All | All |
| Operating System | Debian | Debian Linux | 9.0 | All | All | All |
| Operating System | Debian | Debian Linux | 8.0 | All | All | All |
| Operating System | Debian | Debian Linux | 9.0 | All | All | All |
| Operating System | Fedoraproject | Fedora | 29 | All | All | All |
| Operating System | Fedoraproject | Fedora | 30 | All | All | All |
| Operating System | Fedoraproject | Fedora | 32 | All | All | All |
| Operating System | Fedoraproject | Fedora | 29 | All | All | All |
| Operating System | Fedoraproject | Fedora | 30 | All | All | All |
| Operating System | Fedoraproject | Fedora | 32 | All | All | All |
| Application | Libgd | Libgd | 2.2.5 | All | All | All |
| Application | Libgd | Libgd | 2.2.5 | All | All | All |
| Operating System | Opensuse | Leap | 15.1 | All | All | All |
| Operating System | Opensuse | Leap | 15.1 | All | All | All |
| Application | Php | Php | All | All | All | All |
| Application | Php | Php | All | All | All | All |
| Operating System | Redhat | Enterprise Linux | 7.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux | 8.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux | 7.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux | 8.0 | All | All | All |
| Application | Redhat | Software Collections | 1.0 | All | All | All |
| Application | Redhat | Software Collections | 1.0 | All | All | All |
| Application | Suse | Linux Enterprise Debuginfo | 11 | sp4 | All | All |
| Application | Suse | Linux Enterprise Debuginfo | 11 | sp4 | All | All |
| Operating System | Suse | Linux Enterprise Desktop | 12 | sp4 | All | All |
| Operating System | Suse | Linux Enterprise Desktop | 12 | sp4 | All | All |
| Operating System | Suse | Linux Enterprise Server | 12 | sp4 | All | All |
| Operating System | Suse | Linux Enterprise Server | 12 | sp5 | All | All |
| Operating System | Suse | Linux Enterprise Server | 12 | sp4 | All | All |
| Operating System | Suse | Linux Enterprise Server | 12 | sp5 | All | All |
| Operating System | Suse | Linux Enterprise Software Development Kit | 12 | sp4 | All | All |
| Operating System | Suse | Linux Enterprise Software Development Kit | 12 | sp5 | All | All |
| Operating System | Suse | Linux Enterprise Software Development Kit | 12 | sp4 | All | All |
| Operating System | Suse | Linux Enterprise Software Development Kit | 12 | sp5 | All | All |
| Operating System | Suse | Linux Enterprise Workstation Extension | 12 | sp4 | All | All |
| Operating System | Suse | Linux Enterprise Workstation Extension | 12 | sp5 | All | All |
| Operating System | Suse | Linux Enterprise Workstation Extension | 12 | sp4 | All | All |
| Operating System | Suse | Linux Enterprise Workstation Extension | 12 | sp5 | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Red Hat Customer Portal | REDHAT | access.redhat.com | Third Party Advisory |
| 1724149 – (CVE-2019-11038) CVE-2019-11038 gd: information disclosure in function gdImageCreateFromXbm() | CONFIRM | bugzilla.redhat.com | Exploit, Issue Tracking, Third Party Advisory |
| [security-announce] openSUSE-SU-2020:0332-1: moderate: Security update f | SUSE | lists.opensuse.org | Mailing List, Third Party Advisory |
| [SECURITY] Fedora 30 Update: php-7.3.6-1.fc30 - package-announce - Fedora Mailing-Lists | FEDORA | lists.fedoraproject.org | Mailing List, Third Party Advisory |
| [SECURITY] Fedora 29 Update: php-7.2.19-2.fc29 - package-announce - Fedora Mailing-Lists | lists.fedoraproject.org | ||
| [SECURITY] Fedora 32 Update: gd-2.3.0-1.fc32 - package-announce - Fedora Mailing-Lists | FEDORA | lists.fedoraproject.org | Mailing List, Third Party Advisory |
| 1724432 – CVE-2019-11038 gd: Information disclosure in gdImageCreateFromXbm() [fedora-all] | MISC | bugzilla.redhat.com | Exploit, Issue Tracking, Third Party Advisory |
| [SECURITY] Fedora 29 Update: php-7.2.19-2.fc29 - package-announce - Fedora Mailing-Lists | FEDORA | lists.fedoraproject.org | Mailing List, Third Party Advisory |
| #929821 - libgd2: CVE-2019-11038: Uninitialized read in gdImageCreateFromXbm - Debian Bug report logs | CONFIRM | bugs.debian.org | Mailing List, Third Party Advisory |
| PHP :: Sec Bug #77973 :: Uninitialized read in gdImageCreateFromXbm | CONFIRM | bugs.php.net | Vendor Advisory |
| Debian -- Security Information -- DSA-4529-1 php7.0 | DEBIAN | www.debian.org | Third Party Advisory |
| Bugtraq: [SECURITY] [DSA 4529-1] php7.0 security update | BUGTRAQ | seclists.org | Mailing List, Third Party Advisory |
| Bug 1140118 – VUL-0: CVE-2019-11038: php5,php72, php7,php53: information disclosure in function gdImageCreateFromXbm() | CONFIRM | bugzilla.suse.com | Exploit, Issue Tracking, Third Party Advisory |
| [SECURITY] [DLA 1817-1] libgd2 security update | MLIST | lists.debian.org | Mailing List, Third Party Advisory |
| [SECURITY] Fedora 32 Update: gd-2.3.0-1.fc32 - package-announce - Fedora Mailing-Lists | lists.fedoraproject.org | ||
| Bug 1140120 – VUL-1: CVE-2019-11038: gd: information disclosure in function gdImageCreateFromXbm() | CONFIRM | bugzilla.suse.com | Exploit, Issue Tracking, Third Party Advisory |
| USN-4316-2: GD Graphics Library vulnerabilities | Ubuntu security notices | Ubuntu | UBUNTU | usn.ubuntu.com | Third Party Advisory |
| [SECURITY] Fedora 30 Update: php-7.3.6-1.fc30 - package-announce - Fedora Mailing-Lists | lists.fedoraproject.org | ||
| Red Hat Customer Portal | REDHAT | access.redhat.com | Third Party Advisory |
| Uninitialized read in gdImageCreateFromXbm (CVE-2019-11038) · Issue #501 · libgd/libgd · GitHub | CONFIRM | github.com | Exploit, Third Party Advisory |
| USN-4316-1: GD Graphics Library vulnerabilities | Ubuntu security notices | Ubuntu | UBUNTU | usn.ubuntu.com | Third Party Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
Vendor Comments And Credit
Discovery Credit
LEGACY: By chamal dot desilva at gmail dot com
Legacy QID Mappings
- 296060 Oracle Solaris 11.4 Support Repository Update (SRU) 37.0.1.101.1 Missing (CPUJUL2021)
- 296079 Oracle Solaris 11.4 Support Repository Update (SRU) 15.5.0 Missing (CPUOCT2019)
- 500197 Alpine Linux Security Update for gd
- 503939 Alpine Linux Security Update for gd
- 670664 EulerOS Security Update for php (EulerOS-SA-2021-2423)