Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 699338 (CVE-2019-18397) - <dev-libs/fribidi-1.0.8: stack buffer overflow in the fribidi_get_par_embedding_levels_ex() function in lib/fribidi-bidi.c (CVE-2019-18397)
Summary: <dev-libs/fribidi-1.0.8: stack buffer overflow in the fribidi_get_par_embeddi...
Status: RESOLVED FIXED
Alias: CVE-2019-18397
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal
Assignee: Gentoo Security
URL:
Whiteboard: B2 [glsa+ cve]
Keywords:
Depends on:
Blocks:
 
Reported: 2019-11-04 21:37 UTC by Thomas Deutschmann (RETIRED)
Modified: 2020-03-19 16:43 UTC (History)
1 user (show)

See Also:
Package list:
dev-libs/fribidi-1.0.8
Runtime testing required: ---
stable-bot: sanity-check+

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Thomas Deutschmann (RETIRED) gentoo-dev 2019-11-04 21:37:22 UTC 
A stack buffer overflow in the fribidi_get_par_embedding_levels_ex() function in lib/fribidi-bidi.c of GNU FriBidi 1.0.0 through 1.0.7 allows an attacker to cause a denial of service or possibly execute arbitrary code by delivering crafted text content to a user, when this content is then rendered by an application that uses FriBidi for text layout calculations. Examples include any GNOME or GTK+ based application that uses Pango for text rendering, as this internally uses FriBidi for bidirectional text layout. For example, the attacker can construct a crafted text file to be opened in GEdit, a crafted IRC message to be viewed in HexChat or a crafted email to be viewed in Evolution.
Comment 1 Thomas Deutschmann (RETIRED) gentoo-dev 2019-11-04 21:38:33 UTC 
Upstream fix (already public): https://github.com/fribidi/fribidi/commit/034c6e9a1d296286305f4cfd1e0072b879f52568
Comment 2 Larry the Git Cow gentoo-dev 2019-12-25 20:50:47 UTC 
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=77e557a14b9c35e0ea9b8a29f50d22a96b9e7fc1

commit 77e557a14b9c35e0ea9b8a29f50d22a96b9e7fc1
Author:     Mart Raudsepp <leio@gentoo.org>
AuthorDate: 2019-12-25 20:46:50 +0000
Commit:     Mart Raudsepp <leio@gentoo.org>
CommitDate: 2019-12-25 20:50:28 +0000

    dev-libs/fribidi: security bump to 1.0.8
    
    Bug: https://bugs.gentoo.org/699338
    Package-Manager: Portage-2.3.79, Repoman-2.3.12
    Signed-off-by: Mart Raudsepp <leio@gentoo.org>

 dev-libs/fribidi/Manifest             |  1 +
 dev-libs/fribidi/fribidi-1.0.8.ebuild | 37 +++++++++++++++++++++++++++++++++++
 2 files changed, 38 insertions(+)
Comment 3 Agostino Sarubbo gentoo-dev 2019-12-26 18:45:56 UTC 
amd64 stable
Comment 4 Aaron Bauman (RETIRED) gentoo-dev 2019-12-27 17:21:25 UTC 
arm64 stable
Comment 5 Sergei Trofimovich (RETIRED) gentoo-dev 2019-12-28 12:35:11 UTC 
ia64 stable
Comment 6 Rolf Eike Beer archtester 2019-12-29 20:07:54 UTC 
hppa/sparc stable
Comment 7 Agostino Sarubbo gentoo-dev 2019-12-30 12:29:22 UTC 
x86 stable
Comment 8 Agostino Sarubbo gentoo-dev 2019-12-30 15:34:00 UTC 
ppc64 stable
Comment 9 Agostino Sarubbo gentoo-dev 2019-12-30 15:53:47 UTC 
ppc stable
Comment 10 Agostino Sarubbo gentoo-dev 2020-01-01 12:53:41 UTC 
arm stable
Comment 11 Agostino Sarubbo gentoo-dev 2020-01-03 12:30:53 UTC 
s390 stable
Comment 12 Thomas Deutschmann (RETIRED) gentoo-dev 2020-03-19 16:34:43 UTC 
New GLSA request filed.
Comment 13 GLSAMaker/CVETool Bot gentoo-dev 2020-03-19 16:43:01 UTC 
This issue was resolved and addressed in
 GLSA 202003-41 at https://security.gentoo.org/glsa/202003-41
by GLSA coordinator Thomas Deutschmann (whissi).