CVE-2015-7508: 
Linux Debian vulnerability analysis and mitigation

Heap-based buffer overflow vulnerability identified as CVE-2015-7508 affects Libnsbmp version 0.1.2, a decoding library for BMP and ICO files primarily used in the NetSurf project. The vulnerability was discovered and disclosed in December 2015 (FullDisclosure).

The vulnerability occurs in the bmp_decode_rle function in libnsbmp.c where the last row of run-length encoded data may expand beyond the allocated buffer. The issue stems from incorrect calculation of 'pixels_left' variable, which can lead to buffer overflow when processing RLE data. The library expects the user-supplied 'bmp_bitmap_cb_create' callback to allocate sufficient memory for 'bmp->width * bmp->height * 4' bytes, but this boundary check can be bypassed (FullDisclosure).

When exploited, this vulnerability allows context-dependent attackers to cause a denial of service (application crash) or potentially execute arbitrary code via the last row of RLE data in a crafted BMP file (AttackerKB).

The vulnerability has been fixed in the git HEAD of the libnsbmp repository. Users should upgrade to the patched version available in the NetSurf browser source code repository (FullDisclosure).