Gifts for $25 or Less Spotify Wrapped Neuralink Brain Chip Black Hole Burps Light of 1,000 Trillion Suns Stamp Price Increase Streaming Services to Cancel Melatonin Rival Monkeypox Renamed
Want CNET to notify you of price drops and the latest stories?
No, thank you

Linux groups patch image flaw

Common code used to process graphics has a flaw that could allow an attacker to issue commands as the user.

Several flaws in common Linux code used to process graphics in older versions of the GNOME desktop environment could allow an attacker to compromise a computer that displays a malicious image file, a security group warned this week.

The vulnerabilities occur in the Imlib software library, a set of common code for handling images, security information provider Secunia Tuesday. The company rated the flaw threat as "highly critical."

Czech software developer Pavel Kankovsky discovered the flaws when he checked the Imlib library to see if it was affected by vulnerabilities found in a similar set of Linux code, Linux distributor Gentoo said in an advisory.

Both Gentoo and Novell's SuSE Linux released patches for the issue this week.

The image flaw is the latest graphics library vulnerability to affect a major operating system. Microsoft fixed a major flaw in how its operating system and applications handled the popular JPEG format. The flaw could be used to take control of a victim's PC by viewing a graphic. Another flaw in a popular code library for handling an open-source image format, known as Portable Network Graphics, put computers running Linux, Windows and Mac OS X at risk.

Another common element of Web pages, Sun Microsystems' Java, also had a major flaw that could affect Linux and Windows computer users. The company patched the issue in October.

Other versions of the Linux operating system are likely affected if they use an older version of the GNOME desktop. In addition, other applications on those systems could also be affected if that software uses the Imlib code.