CVE-2024-37535 was announced here: https://www.openwall.com/lists/oss-security/2024/06/09/1 https://www.openwall.com/lists/oss-security/2024/06/09/2 Mageia 9 is also affected (I tested the command "printf '\e[8;65535;65535t'" with gnome-terminal on a Mga9 Virtualbox VM and the running LXDE session was killed).
Source RPM: (none) => vte-0.76.2-1.mga10.src.rpmWhiteboard: (none) => MGA9TOOCVE: (none) => CVE-2024-37535Status comment: (none) => Fixed upstream in 0.76.3 and patch available from upstream
I think this is the patch: https://gitlab.gnome.org/GNOME/vte/-/commit/fd5511f24b7269195a7083f409244e9787c705dc Our v0.76.2 in Cauldron is very recent! Assigning globally.
Assignee: bugsquad => pkg-bugs
Suggested advisory: ======================== The updated packages fix a security vulnerability: GNOME VTE before 0.76.3 allows an attacker to cause a denial of service (memory consumption) via a window resize escape sequence, a related issue to CVE-2000-0476. (CVE-2024-37535) References: https://www.openwall.com/lists/oss-security/2024/06/09/1 https://www.openwall.com/lists/oss-security/2024/06/09/2 ======================== Updated packages in core/updates_testing: ======================== lib(64)vte-devel-0.72.1-1.1.mga9 lib(64)vte-gir2.91-0.72.1-1.1.mga9 lib(64)vte-gir3.91-0.72.1-1.1.mga9 lib(64)vte-gtk4-devel-0.72.1-1.1.mga9 lib(64)vte-gtk4_2.91_0-0.72.1-1.1.mga9 lib(64)vte2.91_0-0.72.1-1.1.mga9 vte-0.72.1-1.1.mga9 vte-glade-0.72.1-1.1.mga9 vte-gtk3-0.72.1-1.1.mga9 vte-gtk4-0.72.1-1.1.mga9 vte-profile-0.72.1-1.1.mga9 from SRPM: vte-0.72.1-1.1.mga9.src.rpm
Assignee: pkg-bugs => qa-bugsStatus: NEW => ASSIGNEDStatus comment: Fixed upstream in 0.76.3 and patch available from upstream => (none)Version: Cauldron => 9Whiteboard: MGA9TOO => (none)Source RPM: vte-0.76.2-1.mga10.src.rpm => vte-0.72.1-1.mga9.src.rpm
Keywords: (none) => advisory
mga9, x64 Installed release version of vte (60 packages+). No man page or Read.md file. vte is a terminal emulator associated with Gtk. To launch a terminal use gtk-2.91. The -help command line option shows the possible arguments. Running emacs in a vte session to write this report. $ vte-2.91 --allow-window-ops --background-image=/home/lcl/Pictures/TracysRock.jpg raises a terminal with an image as background and the window may be resized to accommodate the whole picture. Note that '~' is not interpreted as $HOME. The background colour option accepts the X11 RGB colour names. $ vte-2.91 --allow-window-ops --background-color=LemonChiffon The terminal is happy to accept other character sets such as Cyrillic and Greek. $ eom YauzaRiverШлюзнарекеЯузеIMG3353.jpg $ cat greek Α α Alpha a Β β Beta b .... The --transparent=0..100 option enables variable transparency. That is as far as I have taken this. There are many other technical options. The packages updated without a problem. There is an exploit which can be tested easily but since it usually freezes up the machine I skipped that before updating. After the update it is innocuous: $ printf "e[4;65535;65535t" e[4;65535;65535tlcl@yildun:~ $ vi works fine in the terminal. Tried some of the other facilities as before and everything seems to be working. Giving this an OK.
Whiteboard: (none) => MGA9-64-OKCC: (none) => tarazed25
Validating.
CC: (none) => andrewsfarm, sysadmin-bugsKeywords: (none) => validated_update
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2024-0219.html
Status: ASSIGNED => RESOLVEDResolution: (none) => FIXED