Bug 1544927 - icoutils: out of bounds read in simple_vec
Summary: icoutils: out of bounds read in simple_vec
Keywords:
Status: NEW
Alias: None
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: low
Severity: low
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1554810 1554811
Blocks: TRACKER-bugs-affecting-libguestfs 1544931
Reported: 2018-02-13 19:02 UTC by Laura Pardo
Modified: 2019-09-29 14:32 UTC

Fixed In Version: icoutils 0.31.1
Doc Type: If docs needed, set a value
Doc Text:
A heap-based out-of-bounds read flaw was found in the way icoutils parsed icon files. An attacker could potentially use this flaw to crash the icotool utility by tricking it into processing crafted icon files.
Clone Of:
Environment:
Last Closed:



Description Laura Pardo 2018-02-13 19:02:57 UTC
An out of bounds read access flaw was found in icoutils. This flaw can be triggered via a crafted .ico file using icotool -l. This may result in a segmentation fault, leading to Denial of Service.

External References:

https://savannah.nongnu.org/bugs/index.php?52313
https://bugs.gentoo.org/647378

Upstream Patch:

http://git.savannah.nongnu.org/cgit/icoutils.git/patch/?id=15ef8e8c9994981d25d62
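The defect class in this report, an out-of-bounds read while parsing an icon file, and the check that prevents it, shown as an added example (not icoutils's own code; the accessor name checked_vec, the lister ico_list and the constructed sample file are assumptions): a minimal ICO directory lister in which every read of the in-memory file goes through an overflow-safe bounds check, so a truncated directory or an out-of-range image offset is rejected instead of read past the end of the heap buffer.

```c
#include <stdint.h>
#include <string.h>

/* Bounds-checked view into an in-memory file: a pointer to `size` bytes at
 * `ofs`, or NULL if that range is not fully inside the buffer. The test is
 * ofs > len - size, not ofs + size > len, so a huge crafted offset cannot
 * wrap the addition and slip past the check. */
static const uint8_t *checked_vec(const uint8_t *buf, size_t len, size_t ofs, size_t size)
{
    if (size > len || ofs > len - size)
        return NULL;
    return buf + ofs;
}
static uint16_t rd16(const uint8_t *p) { return (uint16_t)(p[0] | p[1] << 8); }
static uint32_t rd32(const uint8_t *p) { return rd16(p) | (uint32_t)rd16(p + 2) << 16; }

/* Parse the 6-byte ICONDIR header and each 16-byte ICONDIRENTRY, checking
 * that every entry and the image data it points at lie inside the file.
 * Returns the entry count, or -1 if any read would go past the buffer. */
int ico_list(const uint8_t *buf, size_t len)
{
    const uint8_t *hdr = checked_vec(buf, len, 0, 6);
    if (!hdr || rd16(hdr) != 0 || rd16(hdr + 2) != 1)  /* reserved 0, type 1 = icon */
        return -1;
    uint16_t count = rd16(hdr + 4);
    for (size_t i = 0; i < count; i++) {
        const uint8_t *e = checked_vec(buf, len, 6 + i * 16, 16);
        if (!e)
            return -1;  /* directory truncated: this entry lies past end of file */
        uint32_t bytes = rd32(e + 8), ofs = rd32(e + 12);
        if (!checked_vec(buf, len, ofs, bytes))
            return -1;  /* image data would be read past end of file */
    }
    return count;
}

/* Constructed sample: one 1x1 icon with 4 bytes of "image" data at offset 22. */
static const uint8_t good_ico[] = {
    0,0, 1,0, 1,0,                           /* ICONDIR: reserved, type, count */
    1,1,0,0, 1,0, 32,0, 4,0,0,0, 22,0,0,0,   /* ICONDIRENTRY: ..., size, offset */
    0xde,0xad,0xbe,0xef };                   /* image bytes */
int list_good(void) { return ico_list(good_ico, sizeof good_ico); }

/* Overwrite n bytes of the sample at byte `at` and list the result, e.g. a
 * count of 2 with one entry present, or an image offset of 0xFFFFFFFF. */
int list_corrupted(size_t at, uint8_t value, size_t n)
{
    uint8_t b[sizeof good_ico]; memcpy(b, good_ico, sizeof b); memset(b + at, value, n);
    return ico_list(b, sizeof b);
}
```

Each rejected case is one the unchecked form of the accessor would have read through, which is the crash path the report describes for icotool -l.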

Comment 1 Richard W.M. Jones 2018-02-13 21:12:38 UTC
It's likely this affects libguestfs since it runs wrestool on
Windows guests.  I'm not able to see bug 1544931 however so
I don't know if there is already a bug to fix this in RHEL 7.

Comment 2 Laura Pardo 2018-02-13 22:13:54 UTC
Hi Richard! Bug 1544931 is the task created for this issue and a related one: https://bugzilla.redhat.com/show_bug.cgi?id=1544928

RHEL-7 status is new; the assigned analyst will define whether it is affected and create the trackers, if needed.

