Bug 277221 (CVE-2007-3477)

Summary:	CVE-2007-3477 gd: arc drawing functions can consume large amount of CPU time
Product:	[Other] Security Response	Reporter:	Lubomir Kundrak <lkundrak>
Component:	vulnerability	Assignee:	Red Hat Product Security <security-response-team>
Status:	CLOSED WONTFIX	QA Contact:
Severity:	low	Docs Contact:
Priority:	low
Version:	unspecified	CC:	varekova
Target Milestone:	---	Keywords:	Security
Target Release:	---
Hardware:	All
OS:	Linux
URL:	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3477
Whiteboard:
Fixed In Version:		Doc Type:	Bug Fix
Doc Text:		Story Points:	---
Clone Of:		Environment:
Last Closed:	2008-02-13 12:57:53 UTC	Type:	---
Regression:	---	Mount Type:	---
Documentation:	---	CRM:
Verified Versions:		Category:	---
oVirt Team:	---	RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---	Target Upstream Version:
Embargoed:
Bug Depends On:	277411, 277421
Bug Blocks:

Description Lubomir Kundrak 2007-09-04 19:48:17 UTC

Common Vulnerabilities and Exposures assigned an identifier CVE-2007-3477 to the following vulnerability:

The (a) imagearc and (b) imagefilledarc functions in GD Graphics Library (libgd) before 2.0.35 allow attackers to cause a denial of service (CPU consumption) via a large (1) start or (2) end angle degree value.

References:

http://www.libgd.org/ReleaseNote020035
http://bugs.libgd.org/?do=details&task_id=74
http://bugs.libgd.org/?do=details&task_id=92

Comment 2 Tomas Hoger 2008-02-11 15:37:14 UTC

Original fix:

http://cvs.php.net/viewcvs.cgi/gd/libgd/src/gd.c?r1=1.53&r2=1.54

and additional enhancement to fix regression introduced by the original fix:

http://cvs.php.net/viewcvs.cgi/gd/libgd/src/gd.c?r1=1.58&r2=1.59

Comment 3 Tomas Hoger 2008-02-13 12:50:28 UTC

Due to minimal impact of this flaw (temporary DoS by high CPU usage) and low
likelihood of this problem being exposed in a way that would allow trust
boundary crossing, we currently do not plan to backport fix for this issue to
versions of gd shipped in current versions of Red Hat Enterprise Linux.