Bug 1699848 (CVE-2019-11023)
| Summary: | CVE-2019-11023 graphviz: null pointer dereference in function agroot() in cgraph\obj.c | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | Dhananjay Arunesh <darunesh> |
| Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
| Status: | CLOSED ERRATA | QA Contact: | |
| Severity: | low | Docs Contact: | |
| Priority: | low | ||
| Version: | unspecified | CC: | alex, jima, jskarvad, mbenatto, tremble |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | If docs needed, set a value | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2021-10-27 03:28:12 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 1699850, 1702446, 1702447 | ||
| Bug Blocks: | 1699849 | ||
|
Description
Dhananjay Arunesh
2019-04-15 11:30:59 UTC
Created graphviz tracking bugs for this issue: Affects: fedora-all [bug 1699850] Upstream patch: https://gitlab.com/graphviz/graphviz/commit/839085f8026afd6f6920a0c31ad2a9d880d97932 The graphml2gv application from graphviz suite is a tool used to convert GraphML input into GV format. This issue relies on the fact graphml currently doesn't fully validate malformated GraphML inputs. An attacker can take advantage of this weakness by crafting an invalid GraphML representation which leads graphml2gv to a NULL pointer dereference at agroot() after call agnode() function trying to insert a node into the graph causing DoS. |