A heap buffer overflow vulnerability has been found in GDAL which could result in denial of service.
Package | sci-libs/gdal on all architectures |
---|---|
Affected versions | < 3.4.1 |
Unaffected versions | >= 3.4.1 |
GDAL is a geospatial data abstraction library.
GDAL does not sufficiently sanitize input when loading PCIDSK binary segments.
Loading crafted PCIDSK data via GDAL could result in denial of service.
There is no known workaround at this time.
All GDAL users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=sci-libs/gdal-3.4.1"
Release date
October 31, 2022
Latest revision
October 31, 2022: 1
Severity
low
Exploitable
remote
Bugzilla entries