Amazon Linux 2023 Security Advisory: ALAS2023-2026-1883
Advisory Released Date: 2026-06-22
Advisory Updated Date: 2026-06-22
Severity:
Medium
Issue Overview:
Buffer Overflow vulnerability in giflib v.5.2.2 allows a remote attacker to cause a denial of service via the EGifGCBToExtension overwriting an existing Graphic Control Extension block without validating its allocated size. (CVE-2026-26740)
Affected Packages:
giflib
Issue Correction:
Run dnf update giflib --releasever 2023.12.20260622 or dnf update --advisory ALAS2023-2026-1883 --releasever 2023.12.20260622 to update your system.
More information on how to update your system can be found on this page: Amazon Linux 2023 documentation
New Packages:
aarch64:
giflib-utils-5.2.1-9.amzn2023.0.4.aarch64
giflib-debugsource-5.2.1-9.amzn2023.0.4.aarch64
giflib-5.2.1-9.amzn2023.0.4.aarch64
giflib-debuginfo-5.2.1-9.amzn2023.0.4.aarch64
giflib-devel-5.2.1-9.amzn2023.0.4.aarch64
giflib-utils-debuginfo-5.2.1-9.amzn2023.0.4.aarch64
src:
giflib-5.2.1-9.amzn2023.0.4.src
x86_64:
giflib-utils-debuginfo-5.2.1-9.amzn2023.0.4.x86_64
giflib-debuginfo-5.2.1-9.amzn2023.0.4.x86_64
giflib-debugsource-5.2.1-9.amzn2023.0.4.x86_64
giflib-utils-5.2.1-9.amzn2023.0.4.x86_64
giflib-5.2.1-9.amzn2023.0.4.x86_64
giflib-devel-5.2.1-9.amzn2023.0.4.x86_64