Bug 1268243 (CVE-2015-7558)

Summary: CVE-2015-7558 librsvg2: Stack exhaustion causing DoS
Product: [Other] Security Response Reporter: Adam Mariš <amaris>
Component: vulnerabilityAssignee: Red Hat Product Security <security-response-team>
Status: CLOSED WONTFIX QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: unspecifiedCC: carnil, jrusnack, mclasen, mprpic, otte, scorneli, security-response-team
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: librsvg2 2.40.12 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2015-12-22 10:59:20 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Bug Depends On: 1293346, 1293347    
Bug Blocks: 1268247, 1331729    

Description Adam Mariš 2015-10-02 09:25:03 UTC
A vulnerability causing stack exhaustion leading to DoS was found in librsvg2 when parsing SVG file.

Comment 2 Adam Mariš 2015-10-02 09:56:16 UTC
Acknowledgements:

Red Hat would like to thank Gustavo Grieco for reporting this issue.

Comment 3 Matthias Clasen 2015-10-02 14:10:49 UTC
I don't believe that firefox is using librsvg to parse files that are loaded from the net.

Comment 5 Matthias Clasen 2015-12-14 18:38:30 UTC
yes, I believe this was fixed by rewriting the way librsvg checks for cyclic references.

Comment 6 Adam Mariš 2015-12-21 13:53:50 UTC
Created librsvg2 tracking bugs for this issue:

Affects: fedora-all [bug 1293346]

Comment 7 Adam Mariš 2015-12-21 13:53:56 UTC
Created mingw-librsvg2 tracking bugs for this issue:

Affects: fedora-all [bug 1293347]

Comment 10 Stefan Cornelius 2016-06-03 13:04:17 UTC
*** Bug 1331724 has been marked as a duplicate of this bug. ***