[Secure-testing-team] Bug#860460: jbig2dec: CVE-2017-7885: heap-buffer-overflow by integer overflow to bypass the check in the function jbig2_decode_symbol_dict

Salvatore Bonaccorso carnil at debian.org
Mon Apr 17 09:19:50 UTC 2017


Source: jbig2dec
Version: 0.13-4
Severity: important
Tags: security upstream
Forwarded: https://bugs.ghostscript.com/show_bug.cgi?id=697703
Control: found -1 0.13-4~deb8u1

Hi,

the following vulnerability was published for jbig2dec.

CVE-2017-7885[0]:
| Artifex jbig2dec 0.13 has a heap-based buffer over-read leading to
| denial of service (application crash) or disclosure of sensitive
| information from process memory, because of an integer overflow in the
| jbig2_decode_symbol_dict function in jbig2_symbol_dict.c in
| libjbig2dec.a during operation on a crafted .jb2 file.

There is the upstream report at [1], but details are currently not
provided to the public, only in the PoC.zip which is password protected.
So we might need to wait for more information here, though I
already filed the bug report since we ship a 0.13 based version, and the
issue was found there upstream.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2017-7885
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7885
[1] https://bugs.ghostscript.com/show_bug.cgi?id=697703

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore
