High severity7.8NVD Advisory· Published Mar 15, 2017· Updated Jun 17, 2026
CVE-2016-10168
CVE-2016-10168
Description
Integer overflow in gd_io.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to have unspecified impact via vectors involving the number of horizontal and vertical chunks in an image.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
32- Range: <2.2.4
- osv-coords30 versionspkg:rpm/opensuse/gd&distro=openSUSE%20Tumbleweedpkg:rpm/suse/gd&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP1pkg:rpm/suse/gd&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP2pkg:rpm/suse/gd&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4pkg:rpm/suse/gd&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1pkg:rpm/suse/gd&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2pkg:rpm/suse/gd&distro=SUSE%20Linux%20Enterprise%20Server%20for%20Raspberry%20Pi%2012%20SP2pkg:rpm/suse/gd&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4pkg:rpm/suse/gd&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1pkg:rpm/suse/gd&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2pkg:rpm/suse/gd&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP4pkg:rpm/suse/gd&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP1pkg:rpm/suse/gd&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP2pkg:rpm/suse/gd&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP1pkg:rpm/suse/gd&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP2pkg:rpm/suse/php53&distro=SUSE%20Linux%20Enterprise%20Point%20of%20Sale%2011%20SP3pkg:rpm/suse/php53&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-LTSSpkg:rpm/suse/php53&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-TERADATApkg:rpm/suse/php53&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4pkg:rpm/suse/php53&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4pkg:rpm/suse/php53&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP4pkg:rpm/suse/php53&distro=SUSE%20Manager%202.1pkg:rpm/suse/php53&distro=SUSE%20Manager%20Proxy%202.1pkg:rpm/suse/php53&distro=SUSE%20OpenStack%20Cloud%205pkg:rpm/suse/php5&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Web%20and%20Scripting%2012pkg:rpm/suse/php5&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP1pkg:rpm/suse/php5&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP2pkg:rpm/suse/php7&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Web%20and%20Scripting%2012pkg:rpm/suse/php7&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP1pkg:rpm/suse/php7&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP2
< 2.3.3-1.1+ 29 more
- (no CPE)range: < 2.3.3-1.1
- (no CPE)range: < 2.1.0-23.1
- (no CPE)range: < 2.1.0-23.1
- (no CPE)range: < 2.0.36.RC1-52.32.1
- (no CPE)range: < 2.1.0-23.1
- (no CPE)range: < 2.1.0-23.1
- (no CPE)range: < 2.1.0-23.1
- (no CPE)range: < 2.0.36.RC1-52.32.1
- (no CPE)range: < 2.1.0-23.1
- (no CPE)range: < 2.1.0-23.1
- (no CPE)range: < 2.0.36.RC1-52.32.1
- (no CPE)range: < 2.1.0-23.1
- (no CPE)range: < 2.1.0-23.1
- (no CPE)range: < 2.1.0-23.1
- (no CPE)range: < 2.1.0-23.1
- (no CPE)range: < 5.3.17-101.1
- (no CPE)range: < 5.3.17-101.1
- (no CPE)range: < 5.3.17-101.1
- (no CPE)range: < 5.3.17-101.1
- (no CPE)range: < 5.3.17-101.1
- (no CPE)range: < 5.3.17-101.1
- (no CPE)range: < 5.3.17-101.1
- (no CPE)range: < 5.3.17-101.1
- (no CPE)range: < 5.3.17-101.1
- (no CPE)range: < 5.5.14-96.1
- (no CPE)range: < 5.5.14-96.1
- (no CPE)range: < 5.5.14-96.1
- (no CPE)range: < 7.0.7-35.1
- (no CPE)range: < 7.0.7-35.1
- (no CPE)range: < 7.0.7-35.1
Patches
Vulnerability mechanics
References
10- www.openwall.com/lists/oss-security/2017/01/26/1nvdMailing ListPatchThird Party Advisory
- www.openwall.com/lists/oss-security/2017/01/28/6nvdMailing ListPatchThird Party Advisory
- github.com/libgd/libgd/commit/69d2fd2c597ffc0c217de1238b9bf4d4bceba8e6nvdIssue TrackingPatchThird Party Advisory
- github.com/libgd/libgd/issues/354nvdIssue TrackingPatchThird Party Advisory
- libgd.github.io/release-2.2.4.htmlnvdVendor Advisory
- www.securityfocus.com/bid/95869nvdThird Party AdvisoryVDB Entry
- www.debian.org/security/2017/dsa-3777nvd
- www.securitytracker.com/id/1037659nvd
- access.redhat.com/errata/RHSA-2017:3221nvd
- access.redhat.com/errata/RHSA-2018:1296nvd
News mentions
0No linked articles in our index yet.