Bug 33382 - poppler new security issue CVE-2024-6239
Summary: poppler new security issue CVE-2024-6239
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security (show other bugs)
Version: 9
Hardware: All Linux
Priority: Normal normal
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
URL:
Whiteboard: MGA9-64-OK
Keywords: advisory, validated_update
Depends on:
Blocks:
 
Reported: 2024-07-09 15:44 CEST by Nicolas Salguero
Modified: 2024-07-10 20:02 CEST (History)
2 users (show)

See Also:
Source RPM: poppler-23.02.0-1.2.mga9.src.rpm
CVE: CVE-2024-6239
Status comment:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description Nicolas Salguero 2024-07-09 15:44:10 CEST 
SUSE has issued an advisory on July 8:
https://lists.suse.com/pipermail/sle-updates/2024-July/035847.html

Mageia 9 is also affected.
Nicolas Salguero 2024-07-09 15:44:41 CEST

Source RPM: (none) => poppler-24.06.0-2.mga10.src.rpm, poppler-23.02.0-1.2.mga9.src.rpm
Status comment: (none) => Patch available from openSUSE and upstream
CVE: (none) => CVE-2024-6239
Whiteboard: (none) => MGA9TOO

Comment 1 Nicolas Salguero 2024-07-09 16:59:19 CEST 
Suggested advisory:
========================

The updated packages fix a security vulnerability:

A flaw was found in the Poppler's Pdfinfo utility. This issue occurs when using -dests parameter with pdfinfo utility. By using certain malformed input files, an attacker could cause the utility to crash, leading to a denial of service. (CVE-2024-6239)

References:
https://lists.suse.com/pipermail/sle-updates/2024-July/035847.html
========================

Updated packages in core/updates_testing:
========================
lib(64)poppler-cpp0-23.02.0-1.3.mga9
lib(64)poppler-cpp-devel-23.02.0-1.3.mga9
lib(64)poppler-devel-23.02.0-1.3.mga9
lib(64)poppler-gir0.18-23.02.0-1.3.mga9
lib(64)poppler-glib8-23.02.0-1.3.mga9
lib(64)poppler-glib-devel-23.02.0-1.3.mga9
lib(64)poppler-qt5_1-23.02.0-1.3.mga9
lib(64)poppler-qt5-devel-23.02.0-1.3.mga9
lib(64)poppler-qt6_3-23.02.0-1.3.mga9
lib(64)poppler-qt6-devel-23.02.0-1.3.mga9
lib(64)poppler126-23.02.0-1.3.mga9
poppler-23.02.0-1.3.mga9

from SRPM:
poppler-23.02.0-1.3.mga9.src.rpm

Whiteboard: MGA9TOO => (none)
Assignee: bugsquad => qa-bugs
Status comment: Patch available from openSUSE and upstream => (none)
Version: Cauldron => 9
Source RPM: poppler-24.06.0-2.mga10.src.rpm, poppler-23.02.0-1.2.mga9.src.rpm => poppler-23.02.0-1.2.mga9.src.rpm
Status: NEW => ASSIGNED

katnatek 2024-07-09 23:50:57 CEST

Keywords: (none) => advisory

Comment 2 katnatek 2024-07-10 01:39:59 CEST 
RH mageia 9 x86_64

pdfinfo -dests poc.pdf crash as reported

LC_ALL=C urpmi --auto --auto-update
medium "QA Testing (32-bit)" is up-to-date
medium "QA Testing (64-bit)" is up-to-date
medium "Core Release (distrib1)" is up-to-date
medium "Core Updates (distrib3)" is up-to-date
medium "Nonfree Release (distrib11)" is up-to-date
medium "Nonfree Updates (distrib13)" is up-to-date
medium "Tainted Release (distrib21)" is up-to-date
medium "Tainted Updates (distrib23)" is up-to-date
medium "Core 32bit Release (distrib31)" is up-to-date
medium "Core 32bit Updates (distrib32)" is up-to-date
medium "Nonfree 32bit Release (distrib36)" is up-to-date
medium "Tainted 32bit Release (distrib41)" is up-to-date
medium "Tainted 32bit Updates (distrib42)" is up-to-date

installing lib64poppler126-23.02.0-1.3.mga9.x86_64.rpm lib64poppler-qt5_1-23.02.0-1.3.mga9.x86_64.rpm lib64poppler-qt6_3-23.02.0-1.3.mga9.x86_64.rpm lib64poppler-glib8-23.02.0-1.3.mga9.x86_64.rpm lib64poppler-cpp0-23.02.0-1.3.mga9.x86_64.rpm poppler-23.02.0-1.3.mga9.x86_64.rpm from //home/katnatek/qa-testing/x86_64
Preparing...                     ##################################################################################################
      1/6: lib64poppler126       ##################################################################################################
      2/6: lib64poppler-qt5_1    ##################################################################################################
      3/6: lib64poppler-qt6_3    ##################################################################################################
      4/6: lib64poppler-glib8    ##################################################################################################
      5/6: lib64poppler-cpp0     ##################################################################################################
      6/6: poppler               ##################################################################################################
      1/6: removing poppler-23.02.0-1.2.mga9.x86_64
                                 ##################################################################################################
      2/6: removing lib64poppler-cpp0-23.02.0-1.2.mga9.x86_64
                                 ##################################################################################################
      3/6: removing lib64poppler-glib8-23.02.0-1.2.mga9.x86_64
                                 ##################################################################################################
      4/6: removing lib64poppler-qt6_3-23.02.0-1.2.mga9.x86_64
                                 ##################################################################################################
      5/6: removing lib64poppler-qt5_1-23.02.0-1.2.mga9.x86_64
                                 ##################################################################################################
      6/6: removing lib64poppler126-23.02.0-1.2.mga9.x86_64
                                 ##################################################################################################


pdfinfo -dests poc.pdf not crash

Whiteboard: (none) => MGA9-64-OK
CC: (none) => andrewsfarm

Comment 3 katnatek 2024-07-10 01:56:13 CEST 
Reference bug#33298 comment#2

pdftohtml works as described
pdfimages works as described
pdfseparate works as described
Comment 4 Thomas Andrews 2024-07-10 15:14:40 CEST 
Validating.

CC: (none) => sysadmin-bugs
Keywords: (none) => validated_update

Comment 5 Mageia Robot 2024-07-10 20:02:31 CEST 
An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2024-0260.html

Resolution: (none) => FIXED
Status: ASSIGNED => RESOLVED
Note You need to log in before you can comment on or make changes to this bug.