Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri,  2 Oct 2015 13:13:39 -0400 (EDT)
From: cve-assign@...re.org
To: gustavo.grieco@...il.com
Cc: cve-assign@...re.org, oss-security@...ts.openwall.com
Subject: Re: CVE request: Heap overflow and DoS with a tga file in gdk-pixbuf < 2.32.1

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

> We found a heap overflow and a DoS in the gdk-pixbuf implementation
> triggered by the scaling of tga file. These issues are only fixed in the
> recent release of gdk-pixbuf 2.32.1
> 
> it was fixed in 2.32.0 with the 3 commits
> starting with
> https://git.gnome.org/browse/gdk-pixbuf/commit/?id=19f9685dbff7d1f929c61cf99188df917a18811d

This means:

https://git.gnome.org/browse/gdk-pixbuf/commit/?id=19f9685dbff7d1f929c61cf99188df917a18811d
https://git.gnome.org/browse/gdk-pixbuf/commit/?id=edf6fb8d856574bc3bb3a703037f56533229267c
https://git.gnome.org/browse/gdk-pixbuf/commit/?id=6ddca835100107e6b5841ce9d56074f6d98c387e

Use CVE-2015-7673. Apparently the cause of the issue was use of heap
memory after an allocation failure.

The original CVE request said "< 2.32.1" and "only fixed in ...
2.32.1" but then a followup message said "fixed in 2.32.0" instead. We
think the latter is correct.

The entry in the 2.32.0 changelog is shown in:
https://git.gnome.org/browse/gdk-pixbuf/commit/?id=02a76ac6956ee1418da926d6f2cedb78525495b7

Responding to:

> From: Kurt Seifried <kseifried@...hat.com>
> Date: Thu, 1 Oct 2015 08:04:12 -0600
> 
> I know on our end there was some
> confusion as to whether or not this is the same flaw or closely related to
> https://www.mozilla.org/en-US/security/advisories/mfsa2015-88/

CVE-2015-4491 from mfsa2015-88 has different affected versions. Also, that
CVE is only for an integer overflow. If missing allocation-failure checking
before ffec86ed5010c5a2be14f47b33bcf4ed3169a199
is separately exploitable, then another CVE ID could be assigned.

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJWDro2AAoJEL54rhJi8gl5D54QAK/Vzop01NHL5zZpZlBwzrGZ
8dLEBvFTqXPjItMwhmLGNV/R9M59T3LEtRyENG45lMyDECuKsMVoL696Q87h16+c
Gweir8ZcVC19QxMBpwn4ITiXZ3JRnLgHqEZAp+6eI4zlW4GFkpyXxF3E3YR/U3mv
Bace8L3FoAq9jVqgMsHdVzZWyeUpKL9FZbRDE9wsimOg1mFIrZ/ZLW5qlFDdoxVt
GqbeBpr2F+8678HQh+DIaDfyLmqSj0RCO4qBtOOoQzQ9VU+JL8TvMJE2883rwVq+
+JHf81c8ABZmqYrn/oh8AMr8WggesZRd1Q/0r+Tb7/w1FGv/qPa6JsNglrOxDxT3
AEBfTUrllJpmfrX8VQFTTNecagLwPMC3s1j48lV8ZghOj3/mL4n68Tp5sV6f/b6Z
olX0pqH6E5iSy8BNBtrRF7r0yLfUewqwKlvOhT04zl3M26O2RD5HYWuxSxokXtkn
kUGd/zhryOX5Duz+c7HAG9ZBl26zC9BCyaSbzlo6yj3HPi+AxtQKSLxFl+dQmtIg
sWgQAKn056s6BWtdTbInUIzTV86LQ7Oa00QKobcLrVHwFi2mEZIRjmdDuR3oin7M
DRdB89E4SdLGFe8cIw3oG60noyRObJitB2hjSoxuUdO/ZFAbUTbgfz0b44grS/YD
njkGj067RRjmWP+GKRGp
=cZzu
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ