Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Thu, 5 Sep 2013 10:38:14 +0200
From: Raphael Geissert <geissert@...ian.org>
To: oss-security@...ts.openwall.com
Subject: [notification] exactimage DoS, jumping into the unknown

Hi,

While testing the update of exactimage for the fixes in its embedded
copy of dcraw (CVE-2013-1438) I noticed that it did not initialize
(setjmp) the jump pointer used by dcraw for error handling.
In addition to the new checks introduced to fix the above-mentioned
issue, there were already some cases where longjmp was called, causing
the execution to jump to a location defined by an uninitialized
variable.

This new issue has been assigned CVE-2013-1441.

Note that this is specific to exactimage and is not a bug, per-se, in dcraw.

According to the Debian maintainer this bug has probably been present
since ExactImage 0.0.12

This has been fixed in Debian with the patch added in the following commit:
http://anonscm.debian.org/gitweb/?p=collab-maint/exactimage.git;a=commitdiff;h=1dff2eb586a3d10d8528a984bc471292e3789f5c;hp=acfe54193b18b46e880f4b474d2e40b4fdb44a8d

Cheers,
-- 
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ