| Summary: | gdk-pixbuf2.0 new heap buffer overflow security issue (CVE-2021-46829) | ||
|---|---|---|---|
| Product: | Mageia | Reporter: | David Walser <luigiwalser> |
| Component: | Security | Assignee: | QA Team <qa-bugs> |
| Status: | RESOLVED FIXED | QA Contact: | Sec team <security> |
| Severity: | normal | ||
| Priority: | Normal | CC: | davidwhodgins, marja11, mhrambo3501, sysadmin-bugs |
| Version: | 8 | Keywords: | advisory, has_procedure, validated_update |
| Target Milestone: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | MGA8-64-OK | ||
| Source RPM: | gdk-pixbuf2.0-2.42.2-1.mga8.src.rpm | CVE: | CVE-2021-46829 |
| Status comment: | |||
|
Description
David Walser
2022-07-23 17:20:30 CEST
Assigning to all packagers collectively, since there is no registered maintainer for this package Assignee:
bugsquad =>
pkg-bugs CVE-2021-46829 has been assigned, and there's a PoC: https://www.openwall.com/lists/oss-security/2022/07/25/1 Summary:
gdk-pixbuf2.0 new heap buffer overflow security issue =>
gdk-pixbuf2.0 new heap buffer overflow security issue (CVE-2021-46829) Updated package built for Mageia 8 Advisory: ======================== Updated gdk-pixbuf2.0 package fixes security vulnerability: It was discovered that gdk-pixbuf contained a buffer overwrite in io-gif-animation.c composite_frame() exploitable using a crafted GIF (CVE-2021-46829). References: https://www.openwall.com/lists/oss-security/2022/07/23/1 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46829 https://www.openwall.com/lists/oss-security/2022/07/25/1 ======================== Updated packages in core/updates_testing: ======================== gdk-pixbuf2.0-2.42.2-1.1.mga8 lib64gdk_pixbuf2.0_0-2.42.2-1.1.mga8 lib64gdk_pixbuf2.0-devel-2.42.2-1.1.mga8 lib64gdk_pixbuf-gir2.0-2.42.2-1.1.mga8 from gdk-pixbuf2.0-2.42.2-1.1.mga8.src.rpm Potential test procedures. https://bugs.mageia.org/show_bug.cgi?id=21680#c7 https://bugs.mageia.org/show_bug.cgi?id=22399#c5 Keywords:
(none) =>
has_procedure Before the update [dave@x3 gdk-pixbuf]$ eog wrap_around.poc (eog:137113): EOG-WARNING **: 19:47:48.318: Error loading Eog typelib: Typelib file for namespace 'Eog', version '3.0' not found (eog:137113): libpeas-WARNING **: 19:47:48.398: Type not found in introspection: 'EogApplicationActivatable' (eog:137113): libpeas-WARNING **: 19:47:48.398: Method 'EogApplicationActivatable.activate' was not found (eog:137113): libpeas-WARNING **: 19:47:48.508: Type not found in introspection: 'EogWindowActivatable' (eog:137113): libpeas-WARNING **: 19:47:48.508: Method 'EogWindowActivatable.activate' was not found Segmentation fault (core dumped) [dave@x3 gdk-pixbuf]$ eog wrap_around.poc (eog:137188): EOG-WARNING **: 19:48:48.478: Error loading Eog typelib: Typelib file for namespace 'Eog', version '3.0' not found (eog:137188): libpeas-WARNING **: 19:48:48.564: Type not found in introspection: 'EogApplicationActivatable' (eog:137188): libpeas-WARNING **: 19:48:48.564: Method 'EogApplicationActivatable.activate' was not found (eog:137188): libpeas-WARNING **: 19:48:48.677: Type not found in introspection: 'EogWindowActivatable' (eog:137188): libpeas-WARNING **: 19:48:48.677: Method 'EogWindowActivatable.activate' was not found Segmentation fault (core dumped) Will test the update when it reaches kernel.org CC:
(none) =>
davidwhodgins Confirmed eog no longer segfaults with wrap_around.poc or more_trouble.poc, and continues to work ok with valid images. Keywords:
(none) =>
validated_update
Dave Hodgins
2022-07-29 20:38:37 CEST
Keywords:
(none) =>
advisory An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2022-0269.html Resolution:
(none) =>
FIXED |