Bug 2267204 (CVE-2024-24246)

Summary: CVE-2024-24246 qpdf: Heap Buffer Overflow vulnerability in qpdf
Product: [Other] Security Response Reporter: Avinash Hanwate <ahanwate>
Component: vulnerabilityAssignee: Product Security <prodsec-ir-bot>
Status: NEW --- QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: unspecifiedCC: gsuckevi, zdohnal
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Fixed In Version: qpdf 11.9.0 Doc Type: If docs needed, set a value
Doc Text:
A flaw was found in qpdf. Processing a specially crafted JSON file using the --json-input command line option may lead to a heap-based buffer over-read, resulting in an application crash.
Story Points: ---
Clone Of: Environment:
Last Closed: Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Bug Depends On: 2267205    
Bug Blocks: 2267206    

Description Avinash Hanwate 2024-03-01 05:32:37 UTC
Heap Buffer Overflow vulnerability in qpdf 11.9.0 allows attackers to crash the application via the std::__shared_count() function at /bits/shared_ptr_base.h.


Comment 1 Avinash Hanwate 2024-03-01 05:35:30 UTC
Created qpdf tracking bugs for this issue:

Affects: fedora-all [bug 2267205]

Comment 6 Sandipan Roy 2024-03-01 09:23:09 UTC
Upstream Commit: https://github.com/qpdf/qpdf/commit/cb0f390cc1f98a8e82b27259f8f3cd5f162992eb