Bug 1737785 (CVE-2019-1010238) - CVE-2019-1010238 pango: pango_log2vis_get_embedding_levels() heap-based buffer overflow
Summary: CVE-2019-1010238 pango: pango_log2vis_get_embedding_levels() heap-based buffe...
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2019-1010238
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
high
high
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1738460 1737786 1738459 1738461 1738462 1756290
Blocks: 1737787
TreeView+ depends on / blocked
 
Reported: 2019-08-06 08:41 UTC by Marian Rehak
Modified: 2019-10-29 14:03 UTC (History)
15 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2019-08-28 19:07:22 UTC


Attachments (Terms of Use)


Links
System ID Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2019:2659 None None None 2019-09-04 18:30:50 UTC
Red Hat Product Errata RHBA-2019:2664 None None None 2019-09-05 00:59:50 UTC
Red Hat Product Errata RHBA-2019:2665 None None None 2019-09-05 01:01:17 UTC
Red Hat Product Errata RHBA-2019:2666 None None None 2019-09-05 01:01:33 UTC
Red Hat Product Errata RHBA-2019:2675 None None None 2019-09-05 17:27:41 UTC
Red Hat Product Errata RHBA-2019:2686 None None None 2019-09-09 16:16:25 UTC
Red Hat Product Errata RHBA-2019:2738 None None None 2019-09-11 15:42:24 UTC
Red Hat Product Errata RHBA-2019:2739 None None None 2019-09-11 15:42:29 UTC
Red Hat Product Errata RHBA-2019:2742 None None None 2019-09-12 15:58:20 UTC
Red Hat Product Errata RHBA-2019:2776 None None None 2019-09-16 14:59:03 UTC
Red Hat Product Errata RHBA-2019:2787 None None None 2019-09-17 00:37:29 UTC
Red Hat Product Errata RHBA-2019:2810 None None None 2019-09-19 04:02:25 UTC
Red Hat Product Errata RHBA-2019:2911 None None None 2019-09-26 08:26:18 UTC
Red Hat Product Errata RHBA-2019:2965 None None None 2019-10-03 15:29:38 UTC
Red Hat Product Errata RHBA-2019:3036 None None None 2019-10-14 09:36:10 UTC
Red Hat Product Errata RHSA-2019:2571 None None None 2019-08-28 17:01:48 UTC
Red Hat Product Errata RHSA-2019:2582 None None None 2019-08-29 06:50:52 UTC
Red Hat Product Errata RHSA-2019:3234 None None None 2019-10-29 14:03:44 UTC

Description Marian Rehak 2019-08-06 08:41:00 UTC
Gnome Pango 1.42 and later is affected by: Buffer Overflow. The impact is: The heap based buffer overflow can be used to get code execution. The component is: function name: pango_log2vis_get_embedding_levels, assignment of nchars and the loop condition. The attack vector is: Bug can be used when application pass invalid utf-8 strings to functions like pango_itemize.

External References:

https://packetstormsecurity.com/files/153838/USN-4081-1.txt
https://gitlab.gnome.org/GNOME/pango/issues/342

Comment 1 Marian Rehak 2019-08-06 08:41:11 UTC
Created pango tracking bugs for this issue:

Affects: fedora-all [bug 1737786]

Comment 6 errata-xmlrpc 2019-08-28 17:01:47 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2019:2571 https://access.redhat.com/errata/RHSA-2019:2571

Comment 7 Product Security DevOps Team 2019-08-28 19:07:22 UTC
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2019-1010238

Comment 8 errata-xmlrpc 2019-08-29 06:50:51 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2019:2582 https://access.redhat.com/errata/RHSA-2019:2582

Comment 13 Jens Petersen 2019-09-10 04:07:31 UTC
Anyway I requested 7.6.z now in bug 1738459 - I hope that works even though the bug is closed since we shipped the 7.7.z update.

Comment 17 errata-xmlrpc 2019-10-29 14:03:43 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7.6 Extended Update Support

Via RHSA-2019:3234 https://access.redhat.com/errata/RHSA-2019:3234


Note You need to log in before you can comment on or make changes to this bug.