Bug 163924 - gpdf DoS
gpdf DoS
Status: CLOSED INSUFFICIENT_DATA
Product: Fedora
Classification: Fedora
Component: gpdf (Show other bugs)
3
All Linux
medium Severity medium
: ---
: ---
Assigned To: Marco Pesenti Gritti
impact=moderate,source=vendorsec,repo...
: Security
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2005-07-21 20:35 EDT by Josh Bressers
Modified: 2008-02-11 20:25 EST (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2008-02-11 20:25:56 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Josh Bressers 2005-07-21 20:35:53 EDT
+++ This bug was initially created as a clone of Bug #163918 +++

A broken PDF file is will create a file in /tmp and continue to fill it until
the filesystem is full.

The patch for this issue is attachment 117043 [details]
The demo exploit for this issue is attachment 117042 [details]
Comment 1 Josh Bressers 2005-07-21 20:36:52 EDT
This issue also affects FC3
Comment 2 Josh Bressers 2005-07-21 20:37:41 EDT
err, this issue only affects FC3
Comment 3 Marco Pesenti Gritti 2005-07-25 04:03:17 EDT
For FC4 I think this apply to poppler instead.
Comment 4 Josh Bressers 2005-07-25 07:10:21 EDT
Marco,

I'm not sure if this issue affects poppler.  I can't get evince to fill up /tmp
when I open this PDF file (I know it's the same code, but for some reason it's
not crashing).
Comment 5 Mark J. Cox (Product Security) 2005-08-10 04:39:27 EDT
Removing embargo
Comment 6 Matthew Miller 2006-07-10 16:31:04 EDT
Fedora Core 3 is now maintained by the Fedora Legacy project for security
updates only. If this problem is a security issue, please reopen and
reassign to the Fedora Legacy product. If it is not a security issue and
hasn't been resolved in the current FC5 updates or in the FC6 test
release, reopen and change the version to match.

Thank you!
Comment 7 petrosyan 2008-02-11 20:25:56 EST
Fedora Core 3 is not maintained anymore.

Setting status to "INSUFFICIENT_DATA". If you can reproduce this bug in the
current Fedora release, please reopen this bug and assign it to the
corresponding Fedora version.

Note You need to log in before you can comment on or make changes to this bug.