Bug 1545288 (CVE-2017-18186)
| Summary: | CVE-2017-18186 qpdf: infinite loop due to looping xref tables in QPDF.cc | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | Laura Pardo <lpardo> |
| Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
| Status: | CLOSED WONTFIX | QA Contact: | |
| Severity: | low | Docs Contact: | |
| Priority: | low | ||
| Version: | unspecified | CC: | jpopelka, twaugh, zdohnal |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | qpdf 7.1.1 | Doc Type: | If docs needed, set a value |
| Doc Text: |
A denial of service flaw was found in the way QPDF parsed PDF files. An attacker could potentially use this flaw to cause QPDF to enter an infinite loop by tricking it into processing crafted QPDF files.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | 2019-06-08 03:40:03 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 1554733, 1554734 | ||
| Bug Blocks: | 1545293 | ||
|
Description
Laura Pardo
2018-02-14 14:37:14 UTC
|