Bug 1786726 (CVE-2019-19797)
Summary: | CVE-2019-19797 transfig: out-of-bounds write in read_colordef in read.c | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Guilherme de Almeida Suckevicz <gsuckevi> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED ERRATA | QA Contact: | |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | unspecified | CC: | databases-maint, hhorak, kasal, mschorm, odubaj, panovotn, pkubat, tomm.momi |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | If docs needed, set a value | |
Doc Text: |
An out-of-bounds write flaw was found in transfig in the way the `fig2dev` program handled the processing of Fig format files. Specifically, the flaw affects the translation process of Fig codes into the box graphics language. This flaw allows for potential exploitation by crashing the `fig2dev` program by tricking it into processing specially crafted Fig format files.
|
Story Points: | --- |
Clone Of: | Environment: | ||
Last Closed: | 2021-10-25 22:14:53 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 1786727, 1786728, 1826923, 1826924 | ||
Bug Blocks: | 1786731 |
Description
Guilherme de Almeida Suckevicz
2019-12-27 14:29:36 UTC
Created xfig tracking bugs for this issue: Affects: epel-7 [bug 1786728] Affects: fedora-all [bug 1786727] fig2dev is part of transfig, not xfig. I've update the Fedora tracking bug accordingly, EPEL does not appear to have transfig, so I believe that the EPEL tracking bug can be closed, but I'm leaving that up to you. I'm also leaving any necessary updates to this bug (Summary?) up to you. Thank you for your information. Mitigation: Avoid loading and processing Fig format files from untrusted external sources. There is no fixed upstream version yet. This issue affects latest upstream version 3.2.7, new version with fixes (comment #4) has not been released yet. |