Login Sign Up

CVE-2021-45911

7.8 HIGH
Denial of Service Buffer Overflow

📋 TL;DR

CVE-2021-45911 is a heap-based buffer overflow vulnerability in gif2apng 1.9 that allows attackers to write 2 bytes outside buffer boundaries. This affects systems running the vulnerable gif2apng version, potentially allowing arbitrary code execution or application crashes. Users who process GIF files with gif2apng are at risk.

💻 Affected Systems

Products:
  • gif2apng
Versions: Version 1.9
Operating Systems: Linux, Unix-like systems
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects systems where gif2apng is installed and used to process GIF files.

📦 What is this software?

Debian Linux by Debian

View all CVEs affecting Debian Linux →

Gif2apng by Gif2apng Project

View all CVEs affecting Gif2apng →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote code execution leading to complete system compromise if gif2apng processes malicious GIF files from untrusted sources.

🟠

Likely Case

Application crash (denial of service) when processing specially crafted GIF files.

🟢

If Mitigated

Limited impact if gif2apng only processes trusted GIF files with proper input validation.

🌐 Internet-Facing: MEDIUM - Risk exists if gif2apng processes user-uploaded GIF files on web servers, but requires specific conditions.
🏢 Internal Only: LOW - Typically used as a command-line tool for batch conversion, not as a network service.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires providing a malicious GIF file to gif2apng. The vulnerability is in the main function and can be triggered during normal conversion operations.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Version 1.9-1 (Debian patched version)

Vendor Advisory: https://lists.debian.org/debian-lts-announce/2022/03/msg00008.html

Restart Required: No

Instructions:

1. Update gif2apng package using your distribution's package manager. 2. For Debian/Ubuntu: sudo apt update && sudo apt install gif2apng. 3. Verify installation with: gif2apng --version

🔧 Temporary Workarounds

Disable gif2apng usage

linux

Remove or restrict execution of gif2apng binary

sudo chmod 000 /usr/bin/gif2apng
sudo mv /usr/bin/gif2apng /usr/bin/gif2apng.disabled

Input validation

all

Only allow trusted GIF files to be processed by gif2apng

🧯 If You Can't Patch

  • Remove gif2apng from production systems
  • Use alternative GIF to APNG conversion tools like ImageMagick

🔍 How to Verify

Check if Vulnerable:

Check gif2apng version: gif2apng --version | grep '1.9$'

Check Version:

gif2apng --version

Verify Fix Applied:

Verify version is not 1.9: gif2apng --version | grep -v '1.9$'

📡 Detection & Monitoring

Log Indicators:

  • Segmentation fault or crash logs from gif2apng process
  • Unexpected termination of gif2apng conversion jobs

Network Indicators:

  • N/A - Local file processing vulnerability

SIEM Query:

process.name:"gif2apng" AND (event.action:"segmentation_fault" OR event.outcome:"failure")

📊 Metadata

CVE ID: CVE-2021-45911
CVSS v3 Score: 7.8 (HIGH)
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CWE: CWE-787
Published: December 28, 2021
Last Updated: November 21, 2024

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2021-45911, you might also want to check these:

CVE-2022-43604 10.0

CVE-2022-43604 is a critical out-of-bounds write vulnerability in the OpENer EtherNet/IP stack that ...

Same vulnerability type (CWE-787)
CVE-2025-24201 10.0

This critical vulnerability allows malicious web content to break out of the Web Content sandbox via...

Same vulnerability type (CWE-787)
CVE-2020-14871 10.0

This is a critical buffer overflow vulnerability (CWE-787) in Oracle Solaris's Pluggable Authenticat...

Same vulnerability type (CWE-787)