Bug 1992793 (CVE-2020-21684)

Summary: CVE-2020-21684 transfig: A global buffer overflow in the put_font in genpict2e.c could result in a denial of service
Product: [Other] Security Response
Reporter: Michael Kaplan <mkaplan>
Component: vulnerability
Assignee: Nobody <nobody>
Status: CLOSED WONTFIX
Severity: medium
Priority: medium
Version: unspecified
CC: databases-maint, hhorak, kasal, mschorm, pkubat
Target Milestone: ---
Keywords: Security
Target Release: ---
Hardware: All
OS: Linux
Last Closed: 2023-12-13 13:43:00 UTC
Bug Depends On: 2000745, 2000747    
Bug Blocks: 1992794    

Description Michael Kaplan 2021-08-11 18:18:45 UTC
A global buffer overflow in the put_font in genpict2e.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DoS) via converting an xfig file into pict2e format.

Reference:

https://sourceforge.net/p/mcj/tickets/75/

Comment 1 Garrett Tucker 2021-09-02 19:27:21 UTC
Due to the inability of the exploit to cause arbitrary code execution or to read arbitrary memory, this does not impact confidentiality or integrity. The outcome of this exploit is only a DoS affecting availability of the program by causing a total crash and inability for the program to recover. As such, the CVSS score should be rescored to AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H to accurately reflect the impact of this vulnerability.