1544928 – icoutils: out-of-bounds read in read_library function in wrestool

Bug 1544928 - icoutils: out-of-bounds read in read_library function in wrestool

Summary: icoutils: out-of-bounds read in read_library function in wrestool

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	low
Severity:	low
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	1544929 1554819 1554821
Blocks:	1544931
TreeView+	depends on / blocked

Reported:	2018-02-13 19:20 UTC by Laura Pardo
Modified:	2021-10-21 19:54 UTC (History)
CC List:	2 users (show)
Fixed In Version:	icoutils 0.32.2
Clone Of:
Environment:
Last Closed:	2021-10-21 19:54:26 UTC
Embargoed:

Attachments	(Terms of Use)

Description Laura Pardo 2018-02-13 19:20:02 UTC

An out of bounds read access flaw was found in icoutils. Processing crafted input files using wrestool, could lead to a crash, thus resulting in Denial of Service.

External References:

https://savannah.nongnu.org/bugs/index.php?52308
https://bugs.gentoo.org/647378

Upstream Patch(es):

http://git.savannah.nongnu.org/cgit/icoutils.git/commit/?id=8650b677a50
http://git.savannah.nongnu.org/cgit/icoutils.git/commit/?id=a8c8543731e

Comment 1 Laura Pardo 2018-02-13 19:20:28 UTC

Created icoutils tracking bugs for this issue:

Affects: epel-6 [bug 1544929]

Note You need to log in before you can comment on or make changes to this bug.