Bug 155949 - kde-base/kdegraphics-kfile-plugins JPEG-EXIF File Information DoS vulnerability (CVE-2006-6297)
Bug#: 155949 Product:  Gentoo Security Version: unspecified Platform: All
OS/Version: Linux Status: RESOLVED Severity: normal Priority: P2
Resolution: FIXED Assigned To: security@gentoo.org Reported By: jaervosz@gentoo.org
Component: Vulnerabilities
URL:  http://www.kde.org/info/security/advisory-20061129-1.txt
Summary: kde-base/kdegraphics-kfile-plugins JPEG-EXIF File Information DoS vulnerability (CVE-2006-6297)
Keywords:  
Status Whiteboard: B3 [glsa] jaervosz
Opened: 2006-11-22 08:11 0000
Description:   Opened: 2006-11-22 08:11 0000 
E Security Advisory: JPEG-EXIF File Information DoS vulnerability
Original Release Date: 2006-11-XX
URL: http://www.kde.org/info/security/advisory-200611XX-1.txt

0. References

        CVE-2006-FIXME


1. Systems affected:

        kdegraphics as shipped with KDE 3.1.0 up to including 3.5.5.

2. Overview:

        The JPEG kfile-info plugin, which is used in all KDE applications
        for showing image metainformation (for example the image size
        or EXIF embedded information) is vulnerable to a endless recursion
        EXIF parsing bug.  This particular issue was reported by Marcus
        Meissner from SUSE security.

3. Impact:

        On a regular Linux system, this can cause the process that launched
        the plugin to crash. If ulimits have been removed, it can cause the
        machine run out of memory.

4. Solution:

        Source code patches have been made available which fix these
        vulnerabilities. Contact your OS vendor / binary package provider
        for information about how to obtain updated binary packages.


5. Patch:

        A patch for KDE 3.1.0 - KDE 3.5.5 is available from
        ftp://ftp.kde.org/pub/kde/security_patches :

        1ce5fb77aff8f97ed21da046c1385000  post-3.5.5-kdegraphics.diff

------- Comment #1 From Sune Kloppenborg Jeppesen 2006-11-22 11:47:31 0000 ------- 
Created an attachment (id=102561) [details]
post-3.5.5-kdegraphics.diff

------- Comment #2 From Diego E. 'Flameeyes' Pettenò 2006-11-22 12:19:44 0000 ------- 
Created an attachment (id=102565) [details]
kdegraphics-kfile-plugins-3.5.5-r1.ebuild

------- Comment #3 From Diego E. 'Flameeyes' Pettenò 2006-11-22 12:21:44 0000 ------- 
Created an attachment (id=102566) [details]
kdegraphics-3.5.5-r1.ebuild

------- Comment #4 From Matthias Geerdsen 2006-11-23 13:34:08 0000 ------- 
security liaisons, please test the ebuilds and report here if they can be
marked stable, do not commit anything yet

target keywords
kdegraphics: "alpha amd64 hppa ia64 mips ppc ppc64 sparc x86"
kdegraphics-kfile-plugins: "alpha amd64 ia64 ppc ppc64 sparc x86 ~x86-fbsd"

------- Comment #5 From Gustavo Zacarias (RETIRED) 2006-11-27 06:39:43 0000 ------- 
I'm getting consistent "The process for the file protocol died unexpectedly" on
kde startup with 3.5.5-r1.
Any hints on how to debug this?

------- Comment #6 From Markus Rothe 2006-12-04 13:21:18 0000 ------- 
this looks good on ppc64. I'm not getting the message from comment #5.

------- Comment #7 From Sune Kloppenborg Jeppesen 2006-12-05 00:59:30 0000 ------- 
Sorry for the delay. This one is public now. Please commit a fixed ebuild.

------- Comment #8 From Diego E. 'Flameeyes' Pettenò 2006-12-05 06:54:46 0000 ------- 
Ebuilds in tree, enjoy.

------- Comment #9 From Sune Kloppenborg Jeppesen 2006-12-05 22:03:51 0000 ------- 
Thx Diego.

Arches please test and mark stable. Target keywords are:

kdegraphics-kfile-plugins-3.5.5-r1.ebuild:KEYWORDS="alpha amd64 ia64 ppc ppc64
sparc x86 ~x86-fbsd"

------- Comment #10 From Christian Faulhammer 2006-12-05 23:51:47 0000 ------- 
x86 done

------- Comment #11 From Markus Rothe 2006-12-06 00:16:37 0000 ------- 
ppc64 stable

------- Comment #12 From Bryan Østergaard (RETIRED) 2006-12-11 14:41:17 0000 ------- 
Stable on Alpha + ia64.

------- Comment #13 From Tobias Scherbaum 2006-12-16 05:52:05 0000 ------- 
kdegraphics and kdegraphics-kfile-plugins 3.5.5-r1 ppc stable.

Looks like kdegraphics has been forgotten ...

------- Comment #14 From Sune Kloppenborg Jeppesen 2006-12-16 08:27:33 0000 ------- 
Thx for the pointer Tobias.

Adding back arches to mark kdegraphics-3.5.5-r1 stable.

------- Comment #15 From René Nussbaumer 2006-12-17 13:54:03 0000 ------- 
stable on hppa.

------- Comment #16 From Bryan Østergaard (RETIRED) 2006-12-17 15:54:01 0000 ------- 
kdegraphics-3.5.5-r1 stable on Alpha + ia64.

------- Comment #17 From Christian Faulhammer 2006-12-18 00:18:38 0000 ------- 
Stable on x86

------- Comment #18 From Markus Rothe 2006-12-18 12:21:12 0000 ------- 
ppc64 stable

------- Comment #19 From Diego E. 'Flameeyes' Pettenò 2006-12-18 18:20:42 0000 ------- 
AMD64 (or rather Intel64 ;)) done.

------- Comment #20 From Jason Wever (RETIRED) 2006-12-20 08:23:13 0000 ------- 
SPARC stable

------- Comment #21 From Raphael Marichez 2006-12-28 08:31:40 0000 ------- 
theorically we have to vote on this and i would vote for a GLSA, because kde is
so common and it's so easy to trigger... (nearly A3 IMHO in fact)

------- Comment #22 From Wolf Giesen (RETIRED) 2006-12-28 10:09:10 0000 ------- 
yes++

------- Comment #23 From Sune Kloppenborg Jeppesen 2006-12-28 10:51:16 0000 ------- 
Another YES vote.

------- Comment #24 From Raphael Marichez 2007-01-12 22:06:38 0000 ------- 
GLSA 200701-05