1992788 – (CVE-2020-21681) CVE-2020-21681 transfig: A global buffer overflow in the set_color component in genge.c could result in a denial of service

Bug 1992788 (CVE-2020-21681) - CVE-2020-21681 transfig: A global buffer overflow in the set_color component in genge.c could result in a denial of service

Summary: CVE-2020-21681 transfig: A global buffer overflow in the set_color component ...

Keywords:
Status:	CLOSED ERRATA
Alias:	CVE-2020-21681
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Nobody
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	1998349 1998350
Blocks:	1992794
TreeView+	depends on / blocked

Reported:	2021-08-11 18:10 UTC by Michael Kaplan
Modified:	2023-12-13 13:38 UTC (History)
CC List:	5 users (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2023-12-13 13:38:16 UTC
Embargoed:

Attachments	(Terms of Use)

Description Michael Kaplan 2021-08-11 18:10:23 UTC

A global buffer overflow in the set_color component in genge.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into ge format.

Reference:

https://sourceforge.net/p/mcj/tickets/73/

Comment 1 Garrett Tucker 2021-08-26 21:37:25 UTC

A buffer overflow was possible when choosing the default color when converting to ge. The value associated with the default color enabled access of the array outside of the intended range and would result in a DoS. This has been remediated in: https://sourceforge.net/p/mcj/fig2dev/ci/4d4e1fdac467c386cba8706aa0067d5ab8da02d7/

Note You need to log in before you can comment on or make changes to this bug.