Bug#1014710: gegl: CVE-2018-10111 CVE-2018-10112
Moritz Mühlenhoff
jmm at inutil.org
Sun Jul 10 18:19:43 BST 2022
Source: gegl
X-Debbugs-CC: team at security.debian.org
Severity: important
Tags: security
Hi,
The following vulnerabilities were published for gegl.
CVE-2018-10111[0]:
| An issue was discovered in GEGL through 0.3.32. The render_rectangle
| function in process/gegl-processor.c has unbounded memory allocation,
| leading to a denial of service (application crash) upon allocation
| failure.
https://bugzilla.gnome.org/show_bug.cgi?id=795249
https://gitlab.gnome.org/GNOME/gegl/issues/65
POC https://github.com/xiaoqx/pocs/tree/master/gegl#2-gegl-dos-1
CVE-2018-10112[1]:
| An issue was discovered in GEGL through 0.3.32. The
| gegl_tile_backend_swap_constructed function in buffer/gegl-tile-
| backend-swap.c allows remote attackers to cause a denial of service
| (write access violation) or possibly have unspecified other impact via
| a malformed PNG file that is mishandled during a call to the
| babl_format_get_bytes_per_pixel function in babl-format.c in babl
| 0.1.46.
https://bugzilla.gnome.org/show_bug.cgi?id=795249
https://gitlab.gnome.org/GNOME/gegl/issues/65
https://github.com/xiaoqx/pocs/tree/master/gegl#4-gegl-outbound-write-2
If you fix the vulnerabilities please also make sure to include the
CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2018-10111
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10111
[1] https://security-tracker.debian.org/tracker/CVE-2018-10112
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10112
Please adjust the affected versions in the BTS as needed.
More information about the pkg-gnome-maintainers
mailing list