Jan 7, 2026
The gif2apng tool uses a two-pass strategy to convert GIFs: count frames, allocate memory, then read data. CVE-2021-45911 is a mismatch between the two passes: the second pass writes more data than the first pass allocated for, leading to a heap buffer overflow. Fixing it requires a simple bounds check.
A classic heap-based buffer overflow in gif2apng version 1.9 allows attackers to cause a denial of service or potentially execute arbitrary code via a crafted GIF file. The vulnerability stems from a disconnect between the frame counting logic and the frame processing logic.
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

| Product | Affected Versions | Fixed Version |
|---|---|---|
| gif2apng (gif2apng Project) | <= 1.9 | 1.9+srconly-3+deb11u1 |

| Attribute | Detail |
|---|---|
| CWE ID | CWE-122 (Heap-based Buffer Overflow) |
| CVSS v3.1 | 7.8 (High) |
| Vector | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
| Attack Vector | Local (User Interaction Required) |
| EPSS Score | 0.16% |
| Exploit Status | PoC Available |

A heap-based buffer overflow occurs when a program writes to a memory address on the heap that is outside the bounds of the allocated buffer.
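
The count, allocate, fill mismatch described above and its bounds-check fix, shown on a constructed two-byte record format rather than GIF. This is an added example, not gif2apng's code: the record format, the counting rule that makes the two passes disagree, and all function names are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>

/* Constructed toy stream (not GIF): records are a tag byte plus a value byte.
 * Tag 'F' is a frame; any other tag is skipped. */
static const unsigned char GOOD[] = { 'F', 1, 'X', 9, 'F', 2 };
static const unsigned char BAD[]  = { 'F', 1, 'F', 0, 'F', 3 };

/* Pass 1: size the allocation. Assumed discrepancy for illustration:
 * frames whose value is 0 are not counted here. */
static size_t count_frames(const unsigned char *buf, size_t len) {
    size_t n = 0;
    for (size_t i = 0; i + 1 < len; i += 2)
        if (buf[i] == 'F' && buf[i + 1] != 0) n++;
    return n;
}

/* Pass 2: store every 'F' record, so it can see more frames than pass 1.
 * Returns 0 on success, -1 when the stream holds more frames than `cap`. */
static int load_frames(const unsigned char *buf, size_t len,
                       unsigned char *out, size_t cap, size_t *stored) {
    size_t n = 0;
    for (size_t i = 0; i + 1 < len; i += 2) {
        if (buf[i] != 'F') continue;
        if (n >= cap) return -1;  /* the bounds check: without it, out[n]
                                     lands past the end of the heap buffer */
        out[n++] = buf[i + 1];
    }
    *stored = n;
    return 0;
}

/* Count, allocate, fill. Returns frames stored, or -1 if input is rejected. */
long convert(const unsigned char *buf, size_t len) {
    size_t cap = count_frames(buf, len), stored = 0;
    unsigned char *frames = malloc(cap ? cap : 1);
    if (!frames) return -1;
    int rc = load_frames(buf, len, frames, cap, &stored);
    free(frames);
    return rc == 0 ? (long)stored : -1;
}

int main(void) {
    printf("good=%ld bad=%ld\n", convert(GOOD, sizeof GOOD), convert(BAD, sizeof BAD));
    return 0;
}
```

Building with `-fsanitize=address` and deleting the `n >= cap` line makes the `BAD` input report a heap-buffer-overflow write, which is a quick way to confirm that a check of this kind is the one doing the work.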