{"id":"CVE-2019-6978","details":"The GD Graphics Library (aka LibGD) 2.2.5 has a double free in the gdImage*Ptr() functions in gd_gif_out.c, gd_jpeg.c, and gd_wbmp.c. NOTE: PHP is unaffected.","modified":"2026-04-16T04:39:30.802145207Z","published":"2019-01-28T08:29:00.607Z","related":["ALSA-2019:2722","ALSA-2020:4659","SUSE-SU-2019:0333-1","SUSE-SU-2019:0747-1","SUSE-SU-2019:0771-1","SUSE-SU-2019:13961-1","SUSE-SU-2022:1516-1","SUSE-SU-2022:1560-1","openSUSE-SU-2019:1148-1","openSUSE-SU-2024:10777-1","openSUSE-SU-2024:11012-1"],"references":[{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CZ2QADQTKRHTGB2AHD7J4QQNDLBEMM6/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3WRUPZVT2MWFUEMVGTRAGDOBHLNMGK5R/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TTXSLRZI5BCQT3H5KALG3DHUWUMNPDX2/"},{"type":"WEB","url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00031.html"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEYUUOW75YD3DENIPYMO263E6NL2NFHI/"},{"type":"WEB","url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00025.html"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2019/01/msg00028.html"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/201903-18"},{"type":"ADVISORY","url":"https://usn.ubuntu.com/3900-1/"},{"type":"ADVISORY","url":"https://www.debian.org/security/2019/dsa-4384"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2019:2722"},{"type":"FIX","url":"https://github.com/libgd/libgd/commit/553702980ae89c83f2d6e254d62cf82e204956d0"},{"type":"FIX","url":"https://github.com/libgd/libgd/issues/492"},{"type":"FIX","url":"https://github.com/php/php-src/commit/089f7c0bc28d399b0420aa6ef058e4c1c120b2ae"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/libgd/libgd","events":[{"introduced":"0"},{"last_affected":"8255231b68889597d04d451a72438ab92a405aba"},{"fixed":"553702980ae89c83f2d6e254d62cf82e204956d0"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"2.2.5"}]}},{"type":"GIT","repo":"https://github.com/php/php-src","events":[{"introduced":"0"},{"fixed":"089f7c0bc28d399b0420aa6ef058e4c1c120b2ae"}]}],"versions":["GD_1_3_0","GD_1_4_0","GD_1_5_0","GD_1_6_0","GD_1_6_1","GD_1_6_2","GD_1_6_3","GD_1_7_0","GD_1_7_1","GD_1_7_2","GD_1_7_3","GD_1_8_0","GD_1_8_1","GD_1_8_3","GD_1_8_4","GD_2_0_0","GD_2_0_1","GD_2_0_10","GD_2_0_11","GD_2_0_12","GD_2_0_13","GD_2_0_14","GD_2_0_15","GD_2_0_17","GD_2_0_18","GD_2_0_19","GD_2_0_2","GD_2_0_20","GD_2_0_21","GD_2_0_22","GD_2_0_23","GD_2_0_24","GD_2_0_25","GD_2_0_26","GD_2_0_27","GD_2_0_28","GD_2_0_29","GD_2_0_3","GD_2_0_30","GD_2_0_31","GD_2_0_32","GD_2_0_33","GD_2_0_34RC1","GD_2_0_4","GD_2_0_5","GD_2_0_6","GD_2_0_7","GD_2_0_8","GD_2_0_9","POST_64BIT_BRANCH_MERGE","POST_AST_MERGE","POST_PHP7_NSAPI_REMOVAL","POST_PHP7_REMOVALS","POST_PHPNG_MERGE","PRE_64BIT_BRANCH_MERGE","PRE_AST_MERGE","PRE_PHP7_EREG_MYSQL_REMOVALS","PRE_PHP7_NSAPI_REMOVAL","PRE_PHP7_REMOVALS","gd-2.1.0","gd-2.1.0-alpha1","gd-2.1.0-rc1","gd-2.1.1","gd-2.2.0","gd-2.2.1","gd-2.2.2","gd-2.2.3","gd-2.2.4","gd-2.2.5"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-6978.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"8.0"}]},{"events":[{"introduced":"0"},{"last_affected":"9.0"}]},{"events":[{"introduced":"0"},{"last_affected":"14.04"}]},{"events":[{"introduced":"0"},{"last_affected":"16.04"}]},{"events":[{"introduced":"0"},{"last_affected":"18.04"}]},{"events":[{"introduced":"0"},{"last_affected":"18.10"}]}],"vanir_signatures":[{"id":"CVE-2019-6978-1103a7e0","deprecated":false,"target":{"file":"src/gd_gif_out.c","function":"gdImageGifCtx"},"signature_type":"Function","source":"https://github.com/libgd/libgd/commit/553702980ae89c83f2d6e254d62cf82e204956d0","signature_version":"v1","digest":{"function_hash":"73669897427677809406459109248086572317","length":420}},{"id":"CVE-2019-6978-14d43338","deprecated":false,"signature_type":"Function","target":{"file":"src/gd_jpeg.c","function":"gdImageJpegCtx"},"source":"https://github.com/libgd/libgd/commit/553702980ae89c83f2d6e254d62cf82e204956d0","signature_version":"v1","digest":{"function_hash":"67962746548657808604095966200889547021","length":4045}},{"id":"CVE-2019-6978-2e0b8712","deprecated":false,"signature_type":"Function","target":{"file":"ext/gd/libgd/gd_gif_out.c","function":"gdImageGifCtx"},"source":"https://github.com/php/php-src/commit/089f7c0bc28d399b0420aa6ef058e4c1c120b2ae","signature_version":"v1","digest":{"function_hash":"275896152944056985094549263111297991138","length":433}},{"id":"CVE-2019-6978-30a03384","deprecated":false,"signature_type":"Line","target":{"file":"ext/gd/libgd/gd_wbmp.c"},"source":"https://github.com/php/php-src/commit/089f7c0bc28d399b0420aa6ef058e4c1c120b2ae","signature_version":"v1","digest":{"line_hashes":["19651959449158235032978597245512963024","294714777056557192024210824448450261473","230450510658944580537388532969974356328","107313296107938168886995965059128237513","228274600237842458120256997038278301450","324496183297757856389783803601595351774","184250979163212917318712091180863427252","270507458710422430336350167388167736930","168414150809866723829468024954727721112","6907418261553886065548764322470579380","14383629774140824238052912025675724862","250326204507059287597394462741589954653","214674947768922233576350305125147980598","331943686495221907806917212615313552630","28476157422038527216037567195136414707","237763104887679373999098358144977038021","319291730546104110404068620813350682844","113470114409076747680286142819285863266"],"threshold":0.9}},{"id":"CVE-2019-6978-378e66ad","deprecated":false,"target":{"file":"ext/gd/libgd/gd_jpeg.c","function":"gdImageJpegCtx"},"signature_type":"Function","source":"https://github.com/php/php-src/commit/089f7c0bc28d399b0420aa6ef058e4c1c120b2ae","signature_version":"v1","digest":{"function_hash":"128746927226974378866067506552552918355","length":3193}},{"id":"CVE-2019-6978-3968c133","deprecated":false,"target":{"file":"src/gd_wbmp.c"},"signature_type":"Line","source":"https://github.com/libgd/libgd/commit/553702980ae89c83f2d6e254d62cf82e204956d0","signature_version":"v1","digest":{"line_hashes":["73321661324459895908597955010084804784","187916382817915030519167801468652181022","38175124439509039761373901122901768180","287392254799148189314716234748061938750","139685205050848806812636386066260729900","160581066299419984515885128146021169037","196428988387474838349678337868463266115","270507458710422430336350167388167736930","168414150809866723829468024954727721112","107204543989011579765093231851483476423","325787918952113342782007638869706208356","122720985368456408105157438526248066540","111039815623080080593200785522132056946","282055384616729822594242177012151994140","240840118927208583836317864425892949001","148961733259745995844079711282917524194","170383651322725312902254469709707062586","72551849922573848649858937555260463260","319291730546104110404068620813350682844","113470114409076747680286142819285863266"],"threshold":0.9}},{"deprecated":false,"id":"CVE-2019-6978-40692a3e","target":{"file":"src/gd_wbmp.c","function":"gdImageWBMPPtr"},"signature_type":"Function","source":"https://github.com/libgd/libgd/commit/553702980ae89c83f2d6e254d62cf82e204956d0","signature_version":"v1","digest":{"function_hash":"310137828046498125067131185125838350997","length":252}},{"id":"CVE-2019-6978-75006a8c","deprecated":false,"target":{"file":"ext/gd/libgd/gd_jpeg.c","function":"gdImageJpegPtr"},"signature_type":"Function","source":"https://github.com/php/php-src/commit/089f7c0bc28d399b0420aa6ef058e4c1c120b2ae","signature_version":"v1","digest":{"function_hash":"306376773652709971650450231230172921914","length":227}},{"id":"CVE-2019-6978-79b3172d","deprecated":false,"target":{"file":"ext/gd/libgd/gd_wbmp.c","function":"gdImageWBMPPtr"},"signature_type":"Function","source":"https://github.com/php/php-src/commit/089f7c0bc28d399b0420aa6ef058e4c1c120b2ae","signature_version":"v1","digest":{"function_hash":"233103623135625103093034945139492330813","length":227}},{"id":"CVE-2019-6978-8cef24f0","deprecated":false,"signature_type":"Line","target":{"file":"ext/gd/libgd/gd_gif_out.c"},"source":"https://github.com/php/php-src/commit/089f7c0bc28d399b0420aa6ef058e4c1c120b2ae","signature_version":"v1","digest":{"line_hashes":["87312630695593645696930074736148579905","77974528691838292440483426625820037856","73194525587671539524897398988101101174","124861356587019927570173305810789046826","20320755833102714392409507358147685661","52463910736497406696218380243795722142","108759381254030998926274141921660726081","239128638421564246491389787623215173636","311353505228934435246073361686233632599","113470114409076747680286142819285863266","170978390514210655515957869460424834105","300380864255268938892573184047315833597","296082569431922759382074523240273745456","159233346737640363834095152472822046055","321233400156210747451138247297490375232","335824401784257224250551711078879794181","287513714235459948080809438857018132028","47695802739225729596141603378143207977","286706662957834193113591021119508677878","287444864490330366548353383296746691678","298347623370276609077740959924761009712","20147872954352246875322086532193908788"],"threshold":0.9}},{"id":"CVE-2019-6978-a23cf1aa","deprecated":false,"target":{"file":"src/gd_jpeg.c","function":"gdImageJpegPtr"},"signature_type":"Function","source":"https://github.com/libgd/libgd/commit/553702980ae89c83f2d6e254d62cf82e204956d0","signature_version":"v1","digest":{"function_hash":"177339278172706910585208812929466795856","length":252}},{"id":"CVE-2019-6978-af6a77a9","deprecated":false,"target":{"file":"ext/gd/libgd/gd_jpeg.c"},"signature_type":"Line","source":"https://github.com/php/php-src/commit/089f7c0bc28d399b0420aa6ef058e4c1c120b2ae","signature_version":"v1","digest":{"line_hashes":["132437682783016292290041624222705014583","134090864583588528721731217752000820681","227542059130736856786570048228746214817","147734710479934747287389144538691759644","205543701889930755889600819457795705865","293297447526393879884600812746129167386","169716899741328006388913199191037988062","113470114409076747680286142819285863266","219351463968913007017213782815583287748","8276487751244779450199141735432458825","120961855793319075469629889561237538255","43490983461877523009654489938348474146","324812528127307086440606242642135555329","77036419748754613350466331170520901289","169988389853261194811325739746164010442","67252026344498111036459030983546200803","48565961860108771154495146959169949752","237598552096910878146301364183212749614","324262008133052167509329373808079827314","106857909774877358049452048299284946698"],"threshold":0.9}},{"deprecated":false,"id":"CVE-2019-6978-b05f363b","target":{"file":"src/gd_gif_out.c"},"signature_type":"Line","source":"https://github.com/libgd/libgd/commit/553702980ae89c83f2d6e254d62cf82e204956d0","signature_version":"v1","digest":{"line_hashes":["313489793847174263116353613279088032662","77175195467114354362424537456180310303","317253520221055736381704389102526221600","174271734603876711979082048541624209002","202112744409901252928626606599438321111","325528340744038660830380969630764909247","311353505228934435246073361686233632599","113470114409076747680286142819285863266","214827399723281619403636192615871224041","96710189774890780092161856793015120092","91264835610843557957957248409030029540","283137986004142284261318850153523187342","321233400156210747451138247297490375232","335824401784257224250551711078879794181","287513714235459948080809438857018132028","47695802739225729596141603378143207977","286706662957834193113591021119508677878","287444864490330366548353383296746691678","282183962327612283279302963557365846832","166393682546613005542574617434310068378"],"threshold":0.9}},{"id":"CVE-2019-6978-c681eebe","deprecated":false,"target":{"file":"ext/gd/libgd/gd_wbmp.c","function":"gdImageWBMPCtx"},"signature_type":"Function","source":"https://github.com/php/php-src/commit/089f7c0bc28d399b0420aa6ef058e4c1c120b2ae","signature_version":"v1","digest":{"function_hash":"277579775599658773944258741276004248117","length":570}},{"deprecated":false,"id":"CVE-2019-6978-c8deae61","target":{"file":"ext/gd/libgd/gd_gif_out.c","function":"gdImageGifPtr"},"signature_type":"Function","source":"https://github.com/php/php-src/commit/089f7c0bc28d399b0420aa6ef058e4c1c120b2ae","signature_version":"v1","digest":{"function_hash":"191198993094894939001135986403663751294","length":205}},{"id":"CVE-2019-6978-eb0f5f61","deprecated":false,"target":{"file":"src/gd_jpeg.c"},"signature_type":"Line","source":"https://github.com/libgd/libgd/commit/553702980ae89c83f2d6e254d62cf82e204956d0","signature_version":"v1","digest":{"line_hashes":["17298258251191293258763636816924187013","287489779689604771174966749904784909916","317845287329750453896035076073882058719","337292611167654240836067702314357617758","123046874969727043012819024804458612412","267145984315437156487272218820784718394","169716899741328006388913199191037988062","113470114409076747680286142819285863266","321802689434163186081473185620801709093","293587497156982751284626056650800867853","233968861811893801373510569930896407063","229150919373295212814481273339665450598","324812528127307086440606242642135555329","77036419748754613350466331170520901289","170843414304609867087371776433969510919","55798560331571116897938284176038048006","59218394426712755699745125668377226194","246615748348509609972184333186269202322","210557549136761450109283157291505259439","53910147842568629468490686660221785270","48565961860108771154495146959169949752","237598552096910878146301364183212749614","57074210151970652111598269110657490297","68965124363846818538755454109844535639"],"threshold":0.9}},{"id":"CVE-2019-6978-f5425777","deprecated":false,"signature_type":"Function","target":{"file":"src/gd_gif_out.c","function":"gdImageGifPtr"},"source":"https://github.com/libgd/libgd/commit/553702980ae89c83f2d6e254d62cf82e204956d0","signature_version":"v1","digest":{"function_hash":"223404107734624752233597713078749194338","length":230}},{"deprecated":false,"id":"CVE-2019-6978-faff0e10","target":{"file":"src/gd_wbmp.c","function":"gdImageWBMPCtx"},"signature_type":"Function","source":"https://github.com/libgd/libgd/commit/553702980ae89c83f2d6e254d62cf82e204956d0","signature_version":"v1","digest":{"function_hash":"288102288542096744908717740493584686557","length":568}}],"vanir_signatures_modified":"2026-04-11T17:54:11Z"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}