Bug 1947

Summary: Remote denial of service vulnerability from corrupt buddy icons
Product: Mageia
Reporter: Stew Benedict <stewbintn>
Component: Security
Assignee: Mageia Bug Squad <bugsquad>
Status: RESOLVED OLD
QA Contact:
Severity: normal
Priority: Normal
CC: remco
Version: 1
Keywords: Security
Target Milestone: ---
Hardware: i586
OS: Linux
Whiteboard:
Source RPM: pidgin-2.7.11-1.mga1.src.rpm
CVE:
Status comment:

Description Stew Benedict 2011-06-28 13:23:18 CEST
Description of problem:

A remote attacker could set a specially-crafted GIF image as their buddy icon that could lead to Pidgin being terminated due to excessive memory use.

Version-Release number of selected component (if applicable):

pidgin-2.7.11-1.mga1.src.rpm

How reproducible:

N/A

Patches can be found here; unfortunately it affects a number of source files:

http://developer.pidgin.im/viewmtn/revision/info/e802003adbf0be4496de3de8ac03b47c1e471d00

Possible update text:

It was found that the gdk-pixbuf GIF image loader routine gdk_pixbuf__gif_image_load() used by Pidgin did not properly handle certain return values from its subroutines. A remote attacker could provide a specially-crafted GIF image, which, once opened in Pidgin, would lead gdk-pixbuf to return a partially initialized pixbuf structure, possibly having huge width and height, which could lead to the application being terminated due to excessive memory use.
This issue is identified at mitre.org by CVE-2011-2485. Updated packages correct this issue.
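
The failure mode in the update text above (a decoder handing back an image whose width and height are garbage) can be contained by validating the decoder's output before anything allocates or scales based on it. The following is an added example, not code from Pidgin, gdk-pixbuf or the linked patch; `struct icon_image`, `icon_image_check()` and the two limits are hypothetical names and assumed policy values.

```c
#include <stddef.h>
#include <stdio.h>

/* Hypothetical stand-in for what a decoder returns; not gdk-pixbuf's own type. */
struct icon_image {
    int width, height;
    int channels;                 /* bytes per pixel: 3 (RGB) or 4 (RGBA) */
    int rowstride;                /* bytes per row, at least width * channels */
    const unsigned char *pixels;
};

/* Assumed policy limits for a buddy icon; tune for the application. */
#define ICON_MAX_DIM   4096
#define ICON_MAX_BYTES ((size_t)16 * 1024 * 1024)

/* Constructed sample buffer (48x48 RGBA, all zero). */
static const unsigned char sample_pixels[48 * 48 * 4];

/* Returns 0 if the decoded image is safe to use, else a negative reason code. */
int icon_image_check(const struct icon_image *img, size_t *bytes_out)
{
    if (img == NULL || img->pixels == NULL)
        return -1;                /* loader failed or left the buffer unset */
    if (img->width <= 0 || img->height <= 0)
        return -2;                /* non-positive dimensions */
    if (img->width > ICON_MAX_DIM || img->height > ICON_MAX_DIM)
        return -3;                /* implausibly large for an icon */
    if (img->channels != 3 && img->channels != 4)
        return -4;
    /* width <= 4096 and channels <= 4, so this product cannot overflow int */
    if (img->rowstride < img->width * img->channels)
        return -5;
    /* divide instead of multiply so a garbage rowstride cannot wrap size_t */
    if ((size_t)img->rowstride > ICON_MAX_BYTES / (size_t)img->height)
        return -6;
    if (bytes_out != NULL)
        *bytes_out = (size_t)img->rowstride * (size_t)img->height;
    return 0;
}

int main(void)
{
    struct icon_image ok  = { 48, 48, 4, 48 * 4, sample_pixels };
    struct icon_image bad = { 0x7fffffff, 0x7fffffff, 4, 0, sample_pixels };
    size_t n = 0;
    int rc = icon_image_check(&ok, &n);
    printf("48x48 icon: rc=%d bytes=%zu\n", rc, n);
    printf("garbage dimensions: rc=%d\n", icon_image_check(&bad, NULL));
    return 0;
}
```
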
Comment 1 Stew Benedict 2011-08-28 21:46:10 CEST
no interest in this, closing

Status: NEW => RESOLVED
Resolution: (none) => OLD

Comment 2 Remco Rijnders 2011-08-29 07:47:46 CEST
Stew,

I understand your frustration in the lack of follow up given to reported security problems, but I think closing security bugs which have not been solved is not the right way to go. Let's try to keep those issues on the radar at least.

Keywords: (none) => Security
CC: (none) => remco