First Last Prev Next    This bug is not in your last search results.
Bug 426091 - (CVE-2007-3568) CVE-2007-3568 imlib: infinite loop DoS using crafted BMP image
CVE-2007-3568 imlib: infinite loop DoS using crafted BMP image
Status: CLOSED ERRATA
Product: Security Response
Classification: Other
Component: vulnerability (Show other bugs)
unspecified
All Linux
low Severity low
: ---
: ---
Assigned To: Red Hat Product Security
http://nvd.nist.gov/nvd.cfm?cvename=C...
source=cve,reported=20070705,public=2...
: Security
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2007-12-18 08:43 EST by Tomas Hoger
Modified: 2016-03-04 06:34 EST (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2008-01-07 08:16:32 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Gentoo patch (457 bytes, patch)
2007-12-18 08:50 EST, Tomas Hoger 		no flags Details | Diff
Add an attachment (proposed patch, testcase, etc.)

  None (edit)
Description Tomas Hoger 2007-12-18 08:43:57 EST 
Common Vulnerabilities and Exposures assigned an identifier CVE-2007-3568 to the following vulnerability:

The _LoadBMP function in imlib 1.9.15 and earlier allows context-dependent attackers to cause a denial of service (infinite loop) via a BMP image with a Bits Per Page (BPP) value of 0.

References:

http://www.securiteam.com/unixfocus/5WP030UM0W.html
http://www.securityfocus.com/bid/24750
http://www.securitytracker.com/id?1018332
http://xforce.iss.net/xforce/xfdb/35325
Comment 1 Tomas Hoger 2007-12-18 08:50:10 EST 
Created attachment 289890 [details]
Gentoo patch

Replaces incorrect 'bpp && 16' with 'bpp != 16'
Comment 2 Tomas Hoger 2007-12-18 08:56:14 EST 
NVD statement for Red Hat Enterprise Linux imlib packages was already published
on Nist NVD site (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3568):

  Official Statement from Red Hat (7/6/2007)
  Red Hat does not consider bugs which result in a user-assisted crash of end
  user application to be a security issue.

It is currently not planned to backport fix to Red Hat Enterprise Linux imlib
packages.  It may be worth fixing in Fedora, as according to reporter, imlib
upstream is inactive for some time, so we probably can't count on new upstream
release addressing this.  Paul?
Comment 3 Paul Howarth 2007-12-19 07:08:54 EST 
imlib-1.9.15-6.fc9 containing the patch to fix this issue has been built for
Rawhide, and updates for F-7 and F-8 have been built and requested to be pushed
to updates-testing.
Comment 4 Tomas Hoger 2007-12-19 07:13:52 EST 
Thanks, Paul!
Comment 5 Fedora Update System 2007-12-20 14:52:07 EST 
imlib-1.9.15-6.fc8 has been pushed to the Fedora 8 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update imlib'
Comment 6 Fedora Update System 2007-12-20 15:12:06 EST 
imlib-1.9.15-6.fc7 has been pushed to the Fedora 7 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update imlib'
Comment 7 Fedora Update System 2007-12-28 12:12:02 EST 
imlib-1.9.15-6.fc8 has been pushed to the Fedora 8 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 8 Fedora Update System 2007-12-28 12:16:15 EST 
imlib-1.9.15-6.fc7 has been pushed to the Fedora 7 stable repository.  If problems still persist, please make note of it in this bug report.
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.