SB2018042103 - Multiple vulnerabilities in GEGL
Published: April 21, 2018
Security Bulletin ID
SB2018042103
Severity
High
Patch available
NO
Number of vulnerabilities
2
Exploitation vector
Remote access
Highest impact
Code execution
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 2 secuirty vulnerabilities.
1) Uncontrolled memory allocation (CVE-ID: CVE-2018-10111)
The vulnerability allows a local attacker to cause DoS condition on the target system.
The weakness exists in the render_rectangle function in the process/gegl-processor.csource code file due to unbounded memory allocation. A local attacker can submit specially crafted input, trigger memory corruption and cause the service to crash.
2) Out-of-bounds write (CVE-ID: CVE-2018-10112)
The vulnerability allows a remote unauthenticated attacker to cause DoS condition or execute arbitrary code on the target system.The weakness exists due to improper handling of PNG files during a call to the babl_format_get_bytes_per_pixel function in the babl-format.csource code file. A remote attacker can trick the victim into accessing a specially crafted PNG file, trigger out-of-bounds write in the gegl_tile_backend_swap_constructedfunction in the buffer/gegel-tile-backend-swap.c source code file, and cause the service to crash or execute arbitrary code.
Remediation
Cybersecurity Help is not aware of any official remediation provided by the vendor.