AutoTrace v0.40.0 was discovered to contain a heap overflow via the ReadImage function at input-bmp.c:660. https://github.com/autotrace/autotrace/commit/e96bffadc25ff0ba0e10745f8012efcc5f920ea9
I do not see any reference, by looking into that commit, that it is related to a heap-buffer overflow. Are you sure fixing "Misleading indentation" is related to a heap-buffer overflow? I think the commit that should be considered for the CVE is https://github.com/autotrace/autotrace/commit/e96bffadc25ff0ba0e10745f8012efcc5f920ea9
Created autotrace tracking bugs for this issue: Affects: fedora-all [bug 2121826]
There's a flaw in the autotrace ReadImage() function. When reading the BMP image header it relies on the untrusted input from the file and doesn't properly validate whether its contents fit the internal buffer size; an attacker can leverage that by crafting a malicious BMP file triggering a buffer overflow. A successful attack can lead to possible code execution with a high impact on confidentiality and integrity; for availability the impact can be considered low as it affects only the single execution by the single user running the application. For a successful attack to happen, the attacker needs to trick the user into opening the crafted BMP file.
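The kind of header validation the description above says is missing, as an added illustration written for this page and not taken from AutoTrace (the layout of input-bmp.c is not reproduced; the BMP field offsets follow the standard BITMAPINFOHEADER, while the reject codes and the bmp_scenario builder are the example's own):

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
/* Added illustration (constructed, not AutoTrace's input-bmp.c): parse the 14-byte
 * BMP file header plus the 40-byte BITMAPINFOHEADER from an untrusted buffer and
 * reject any header whose declared geometry or palette does not fit the bytes held. */
#define BMP_HDRS 54u   /* 14 + 40 */
static uint32_t rd32(const uint8_t *p) { return (uint32_t)p[0] | (uint32_t)p[1] << 8 | (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24; }
static void wr32(uint8_t *p, uint32_t v) { for (int i = 0; i < 4; i++) p[i] = (uint8_t)(v >> (8 * i)); }

/* Returns 0 if the header is consistent with `len` bytes of input, else a reject code. */
int bmp_header_check(const uint8_t *buf, size_t len) {
    if (len < BMP_HDRS || buf[0] != 'B' || buf[1] != 'M') return 1;
    uint32_t data_off = rd32(buf + 10), info_size = rd32(buf + 14);
    int32_t  w = (int32_t)rd32(buf + 18), h = (int32_t)rd32(buf + 22);
    uint16_t bits = (uint16_t)(buf[28] | buf[29] << 8);
    uint32_t compression = rd32(buf + 30), colors_used = rd32(buf + 46);
    if (info_size < 40 || compression != 0) return 2;   /* uncompressed DIBs only here */
    if (w <= 0 || h == 0) return 3;                       /* negative h = top-down, allowed */
    if (bits != 1 && bits != 4 && bits != 8 && bits != 24 && bits != 32) return 4;
    /* Palette: a file-controlled entry count must never exceed the 2^bits table a
     * fixed-size colour map can hold, and the palette bytes must precede data_off. */
    uint64_t palette = 0;
    if (bits <= 8) {
        if (colors_used > (1u << bits)) return 5;
        palette = 4ull * (colors_used ? colors_used : (1u << bits));
    }
    if ((uint64_t)14 + info_size + palette > data_off || data_off > len) return 6;
    /* Pixel rows are padded to 4 bytes; compute in 64 bits so w*bits cannot wrap. */
    uint64_t rows = h < 0 ? 0u - (uint32_t)h : (uint32_t)h;
    uint64_t need = (((uint64_t)w * bits + 31) / 32) * 4 * rows;
    return need <= len - data_off ? 0 : 7;
}

/* Build a minimal uncompressed BMP with real w x h pixel bytes but a header that may
 * lie about width or palette size, then run the check: one call per scenario. */
int bmp_scenario(int32_t w, int32_t h, uint16_t bits, uint32_t claimed_w, uint32_t colors_used) {
    if (w <= 0 || h <= 0) return -1;
    uint8_t out[2048];
    size_t pix = (size_t)((((uint64_t)w * bits + 31) / 32) * 4) * (size_t)h;
    size_t total = BMP_HDRS + pix;
    if (total > sizeof out) return -1;
    memset(out, 0, total);
    out[0] = 'B'; out[1] = 'M';
    wr32(out + 2, (uint32_t)total); wr32(out + 10, BMP_HDRS); wr32(out + 14, 40);
    wr32(out + 18, claimed_w); wr32(out + 22, (uint32_t)h);
    out[26] = 1; out[28] = (uint8_t)bits; out[29] = (uint8_t)(bits >> 8);
    wr32(out + 46, colors_used);
    return bmp_header_check(out, total);
}
```

A header whose declared width needs more pixel bytes than the file carries, or whose palette count exceeds the 2^bits table, is refused before any copy into a fixed-size buffer happens.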
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2023:2589 https://access.redhat.com/errata/RHSA-2023:2589
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2023:3067 https://access.redhat.com/errata/RHSA-2023:3067
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2022-32323