Bug 487512 (CVE-2009-0733)
| Summary: | CVE-2009-0733 LittleCms lack of upper-bounds check on sizes | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | Josh Bressers <bressers> |
| Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
| Status: | CLOSED ERRATA | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | unspecified | CC: | aph, jlieskov, kreilly, mjc, mmcallis, mschoene, rbiba, security-response-team, tbzatek |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2010-03-29 09:26:57 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 487513, 487514, 491272, 491273, 491274, 491703, 491704, 833922 | ||
| Bug Blocks: | |||
|
Description
Josh Bressers
2009-02-26 14:00:08 UTC
Lifting embargo This issue has been addressed in following products: Red Hat Enterprise Linux 5 Via RHSA-2009:0339 https://rhn.redhat.com/errata/RHSA-2009-0339.html lcms-1.18-0.1.beta2.fc10 has been submitted as an update for Fedora 10. http://admin.fedoraproject.org/updates/lcms-1.18-0.1.beta2.fc10 lcms-1.18-0.1.beta2.fc9 has been submitted as an update for Fedora 9. http://admin.fedoraproject.org/updates/lcms-1.18-0.1.beta2.fc9 Chris Evans' and oCERT advisories: http://scary.beasts.org/security/CESA-2009-003.html http://www.ocert.org/advisories/ocert-2009-003.html lcms-1.18-1.fc10 has been submitted as an update for Fedora 10. http://admin.fedoraproject.org/updates/lcms-1.18-1.fc10 lcms-1.18-1.fc9 has been submitted as an update for Fedora 9. http://admin.fedoraproject.org/updates/lcms-1.18-1.fc9 lcms-1.18-1.fc10 has been pushed to the Fedora 10 stable repository. If problems still persist, please make note of it in this bug report. lcms-1.18-0.1.beta2.fc9 has been pushed to the Fedora 9 stable repository. If problems still persist, please make note of it in this bug report. lcms-1.18-1.fc9 has been pushed to the Fedora 9 stable repository. If problems still persist, please make note of it in this bug report. lcms-1.18-0.1.beta2.fc10 has been pushed to the Fedora 10 stable repository. If problems still persist, please make note of it in this bug report. java-1.6.0-openjdk-1.6.0.0-11.b14.fc10 has been pushed to the Fedora 10 stable repository. If problems still persist, please make note of it in this bug report. java-1.6.0-openjdk-1.6.0.0-0.21.b09.fc9 has been pushed to the Fedora 9 stable repository. If problems still persist, please make note of it in this bug report. Common Vulnerabilities and Exposures assigned an identifier CVE-2009-0733 to this vulnerability: Multiple stack-based buffer overflows in the ReadSetOfCurves function in LittleCMS (aka lcms or liblcms) before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allow context-dependent attackers to execute arbitrary code via a crafted image file associated with a large integer value for the (1) input or (2) output channel, related to the ReadLUT_A2B and ReadLUT_B2A functions. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0733 http://scary.beasts.org/security/CESA-2009-003.html http://scarybeastsecurity.blogspot.com/2009/03/littlecms-vulnerabilities.html http://www.securityfocus.com/bid/34185 http://xforce.iss.net/xforce/xfdb/49330 java-1.6.0-openjdk-1.6.0.0-0.23.b09.fc9 has been pushed to the Fedora 9 stable repository. If problems still persist, please make note of it in this bug report. This issue has been addressed in following products: Red Hat Enterprise Linux 5 Via RHSA-2009:0377 https://rhn.redhat.com/errata/RHSA-2009-0377.html |