SUSE update for djvulibre



Published: 2021-05-19
Risk High
Patch available YES
Number of vulnerabilities 4
CVE-ID CVE-2019-18804
CVE-2021-32491
CVE-2021-32492
CVE-2021-32493
CWE-ID CWE-476
CWE-190
CWE-125
CWE-122
Exploitation vector Network
Public exploit Public exploit code for vulnerability #1 is available.
Vulnerable software
Subscribe 		SUSE OpenStack Cloud Crowbar
Operating systems & Components / Operating system

SUSE Linux Enterprise Software Development Kit
Operating systems & Components / Operating system

SUSE Linux Enterprise Server for SAP
Operating systems & Components / Operating system

HPE Helion Openstack
Operating systems & Components / Operating system

SUSE Linux Enterprise Server
Operating systems & Components / Operating system

SUSE OpenStack Cloud
Operating systems & Components / Operating system

libdjvulibre-devel
Operating systems & Components / Operating system package or component

libdjvulibre21-debuginfo
Operating systems & Components / Operating system package or component

libdjvulibre21
Operating systems & Components / Operating system package or component

djvulibre-debugsource
Operating systems & Components / Operating system package or component

djvulibre-debuginfo
Operating systems & Components / Operating system package or component

Vendor SUSE

Security Bulletin

This security bulletin contains information about 4 vulnerabilities.

1) NULL pointer dereference

EUVDB-ID: #VU22901

Risk: Low

CVSSv3.1: 2.8 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C]

CVE-ID: CVE-2019-18804

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in the function DJVU::filter_fv at IW44EncodeCodec.cpp. A remote attacker can perform a denial of service (DoS) attack.

Mitigation

Update the affected package djvulibre to the latest version.

Vulnerable software versions

SUSE OpenStack Cloud Crowbar: 8 - 9

SUSE Linux Enterprise Software Development Kit: 12-SP5

SUSE Linux Enterprise Server for SAP: 12-SP3 - 12-SP4

HPE Helion Openstack: 8

SUSE Linux Enterprise Server: 12-SP2-BCL - 12-SP5

SUSE OpenStack Cloud: 8 - 9

libdjvulibre-devel: before 3.5.25.3-5.9.1

libdjvulibre21-debuginfo: before 3.5.25.3-5.9.1

libdjvulibre21: before 3.5.25.3-5.9.1

djvulibre-debugsource: before 3.5.25.3-5.9.1

djvulibre-debuginfo: before 3.5.25.3-5.9.1

External links

http://www.suse.com/support/update/announcement/2021/suse-su-20211645-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

2) Integer overflow

EUVDB-ID: #VU53321

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-32491

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to integer overflow within render() function in tools/ddjvu. A remote attacker can create a specially crafted djvu  file, trick the victim into opening it, trigger integer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Update the affected package djvulibre to the latest version.

Vulnerable software versions

SUSE OpenStack Cloud Crowbar: 8 - 9

SUSE Linux Enterprise Software Development Kit: 12-SP5

SUSE Linux Enterprise Server for SAP: 12-SP3 - 12-SP4

HPE Helion Openstack: 8

SUSE Linux Enterprise Server: 12-SP2-BCL - 12-SP5

SUSE OpenStack Cloud: 8 - 9

libdjvulibre-devel: before 3.5.25.3-5.9.1

libdjvulibre21-debuginfo: before 3.5.25.3-5.9.1

libdjvulibre21: before 3.5.25.3-5.9.1

djvulibre-debugsource: before 3.5.25.3-5.9.1

djvulibre-debuginfo: before 3.5.25.3-5.9.1

External links

http://www.suse.com/support/update/announcement/2021/suse-su-20211645-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Out-of-bounds read

EUVDB-ID: #VU53320

Risk: Medium

CVSSv3.1: 4.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-32492

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition in DJVU::DataPool::has_data() function. A remote attacker can create a specially crafted djvu file, trick the victim into opening it, trigger out-of-bounds read error and read contents of memory on the system.

Mitigation

Update the affected package djvulibre to the latest version.

Vulnerable software versions

SUSE OpenStack Cloud Crowbar: 8 - 9

SUSE Linux Enterprise Software Development Kit: 12-SP5

SUSE Linux Enterprise Server for SAP: 12-SP3 - 12-SP4

HPE Helion Openstack: 8

SUSE Linux Enterprise Server: 12-SP2-BCL - 12-SP5

SUSE OpenStack Cloud: 8 - 9

libdjvulibre-devel: before 3.5.25.3-5.9.1

libdjvulibre21-debuginfo: before 3.5.25.3-5.9.1

libdjvulibre21: before 3.5.25.3-5.9.1

djvulibre-debugsource: before 3.5.25.3-5.9.1

djvulibre-debuginfo: before 3.5.25.3-5.9.1

External links

http://www.suse.com/support/update/announcement/2021/suse-su-20211645-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Heap-based buffer overflow

EUVDB-ID: #VU53317

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-32493

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the DJVU::GBitmap::decode() function. A remote attacker can create a specially crafted djvu file, trick the victim into opening it, trigger heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Update the affected package djvulibre to the latest version.

Vulnerable software versions

SUSE OpenStack Cloud Crowbar: 8 - 9

SUSE Linux Enterprise Software Development Kit: 12-SP5

SUSE Linux Enterprise Server for SAP: 12-SP3 - 12-SP4

HPE Helion Openstack: 8

SUSE Linux Enterprise Server: 12-SP2-BCL - 12-SP5

SUSE OpenStack Cloud: 8 - 9

libdjvulibre-devel: before 3.5.25.3-5.9.1

libdjvulibre21-debuginfo: before 3.5.25.3-5.9.1

libdjvulibre21: before 3.5.25.3-5.9.1

djvulibre-debugsource: before 3.5.25.3-5.9.1

djvulibre-debuginfo: before 3.5.25.3-5.9.1

External links

http://www.suse.com/support/update/announcement/2021/suse-su-20211645-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###