3097 – CVE-2011-2485: gdk-pixbuf

Bug 3097 - CVE-2011-2485: gdk-pixbuf

Summary: CVE-2011-2485: gdk-pixbuf

Status:	RESOLVED FIXED

Alias:	None

Product:	Mageia
Classification:	Unclassified
Component:	Security (show other bugs)
Version:	1
Hardware:	All Linux

Priority:	Normal Severity: normal
Target Milestone:	---
Assignee:	QA Team
QA Contact:

URL:
Whiteboard:
Keywords:	validated_update

Depends on:
Blocks:

Reported:	2011-10-18 18:15 CEST by Nicolas Vigier
Modified:	2011-10-19 21:50 CEST (History)
CC List:	7 users (show)

See Also:
Source RPM:	gdk-pixbuf2.0
CVE:
Status comment:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description Nicolas Vigier 2011-10-18 18:15:33 CEST

It was found that gdk-pixbuf GIF image loader gdk_pixbuf__gif_image_load()
routine did not properly handle certain return values from their subroutines.
A remote attacker could provide a specially-crafted GIF image, which once
opened in an application, linked against gdk-pixbuf would lead to gdk-pixbuf
to return partially initialized pixbuf structure, possibly having huge
width and height, leading to that particular application termination due
excessive memory use.

The CVE identifier of CVE-2011-2485 has been assigned to this issue.

http://git.gnome.org/browse/gdk-pixbuf/commit/gdk-pixbuf/io-gif.c?id=f8569bb1

Comment 1 Manuel Hiebel 2011-10-18 22:10:28 CEST

As no maintainer, I add the four more commiters of this package

CC: (none) => cjw, dmorganec, fundawang, jani.valimaa

Comment 2 Funda Wang 2011-10-19 03:38:55 CEST

Uploaded, please test.

Status: NEW => ASSIGNED

Comment 3 Dave Hodgins 2011-10-19 05:24:12 CEST

Any sample image files to demonstrate the problem?

CC: (none) => davidwhodgins

Nicolas Vigier 2011-10-19 11:42:14 CEST

Assignee: bugsquad => qa-bugs

Comment 4 claire robinson 2011-10-19 13:02:54 CEST

I can't find any on the web anywhere so we should test for regressions. 

It was reported against pidgin apparently so we should ensure gif images, smilies I guess, still work OK in pidgin.

It looks like it's used by most applications.

Tested x86_64 with eog & gimp opening various image formats all normal.

Pidgin appears normal.

Comment 5 claire robinson 2011-10-19 13:16:02 CEST

Tested the same way i586, all appears OK.

Update validate

Advisory
----------------
It was found that gdk-pixbuf GIF image loader gdk_pixbuf__gif_image_load()
routine did not properly handle certain return values from their subroutines.
A remote attacker could provide a specially-crafted GIF image, which once
opened in an application, linked against gdk-pixbuf would lead to gdk-pixbuf
to return partially initialized pixbuf structure, possibly having huge
width and height, leading to that particular application termination due
excessive memory use.

The CVE identifier of CVE-2011-2485 has been assigned to this issue.
------------------

SRPM: gdk-pixbuf2.0-2.22.1-3.1.mga1.src.rpm

Keywords: (none) => validated_update
CC: (none) => sysadmin-bugs

Comment 6 Thomas Backlund 2011-10-19 21:50:04 CEST

Update pushed.

Status: ASSIGNED => RESOLVED
CC: (none) => tmb
Resolution: (none) => FIXED

Note You need to log in before you can comment on or make changes to this bug.