All major Linux vendors have released fixes for several serious bugs in an image-processing library, some of which could allow an attacker to take control of a system.
The bugs were discovered by researcher Chris Evans in libpng, a library that supports the viewing of PNG graphics files. PNG is a format developed as an alternative to GIF images and is usually supported by Linux systems.
While the library has been in use and tested for seven years, Evans said he found multiple errors that could allow an attacker to execute arbitrary code on a system by tricking a user into viewing a specially crafted PNG image. The bugs include buffer overflows, NULL pointer dereferences and integer overflows, Evans said. Some bugs allow code execution while others only allow an attacker to crash an application.
Security experts said the most likely exploit was via graphics files. "The vulnerabilities can for example be exploited by tricking a user into visiting a malicious website or viewing a malicious email with an affected application linked to libpng," said security firm Secunia in an advisory.