Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sat, 23 Jul 2022 11:51:53 -0500
From: John Helmert III <ajak@...too.org>
To: oss-security@...ts.openwall.com
Subject: Re: CVE Request: heap buffer overflow in gdk-pixbuf

On Sat, Jul 23, 2022 at 07:35:42PM +0700, Pedro Ribeiro wrote:
> Hi,
> 
> A year ago I found and submitted a vulnerability to the gdk-pixbuf tracker:
> https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/issues/190
> 
> It's a heap buffer overflow using a crafted GIF, which is likely 
> exploitable in 32 bit systems. Full details are in the link above in the 
> bug tracker.
> 
> This was patched and the fix was merged 8 months ago as seen here:
> https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/merge_requests/121
> 
> The issue is now public, but since no CVE was attributed, it probably is 
> not being considered as a problem for downstream users of the package.
> 
> As of today, the latest Debian stable package is affected by this 
> vulnerability. Using a GNOME file system browser and browsing to that 
> folder will cause a crash, as will opening it up in a GNOME image viewer 
> and even attempting to load it in Chromium (should have submitted to 
> them for a bounty :D).
> 
> Hence I'd like to get a CVE to raise awareness for this issue, so that 
> downstream users of the package can get patched.
> 
> Thanks and regards,
> Pedro Ribeiro

Hi, according to the oss-security Openwall wiki page [1], CVEs need to
be requested via MITRE's web form [2].

[1] https://oss-security.openwall.org/wiki/mailing-lists/oss-security
[2] https://cveform.mitre.org/
Download attachment "signature.asc" of type "application/pgp-signature" (229 bytes)

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.