CVE-2026-26740

Publication date 18 March 2026

Last updated 30 June 2026


Ubuntu priority

Cvss 3 Severity Score

8.2 · High

Score breakdown

Description

Buffer Overflow vulnerability in giflib v.5.2.2 allows a remote attacker to cause a denial of service via the EGifGCBToExtension overwriting an existing Graphic Control Extension block without validating its allocated size.

Status

Package Ubuntu Release Status
giflib 26.04 LTS resolute
Vulnerable
25.10 questing
Vulnerable
24.04 LTS noble
Vulnerable
22.04 LTS jammy
Vulnerable
20.04 LTS focal
Vulnerable
18.04 LTS bionic
Vulnerable
16.04 LTS xenial
Vulnerable

Patch details

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package Patch details
giflib

Severity score breakdown

CVSS version: CVSS v3.0

Base score 8.2 · High

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H


Access our resources on patching vulnerabilities