
Bug 426502 (CVE-2012-2090)

Summary: <games-simulation/flightgear-3.4.0, <dev-games/simgear-3.4.0: Multiple buffer overflows and format string vulnerabilities (CVE-2012-{2090,2091})
Product: Gentoo Security
Component: Vulnerabilities
Status: RESOLVED FIXED
Severity: normal
Priority: Normal
Version: unspecified
Hardware: All
OS: Linux
Whiteboard: B2 [glsa]
Package list:
Runtime testing required: ---
Reporter: GLSAMaker/CVETool Bot <glsamaker>
Assignee: Gentoo Security <security>
CC: bytbox, games

Description GLSAMaker/CVETool Bot gentoo-dev 2012-07-14 00:09:13 UTC
CVE-2012-2091 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2091):
  Multiple buffer overflows in FlightGear 2.6 and earlier and SimGear 2.6 and
  earlier allow user-assisted remote attackers to cause a denial of service
  (crash) and possibly execute arbitrary code via a (1) long string in a rotor
  tag of an aircraft xml model to the Rotor::getValueforFGSet function in
  src/FDM/YASim/Rotor.cpp or (2) a crafted UDP packet to the SGSocketUDP::read
  function in simgear/simgear/simgear/io/sg_socket_udp.cxx.

CVE-2012-2090 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2090):
  Multiple format string vulnerabilities in FlightGear 2.6 and earlier and
  SimGear 2.6 and earlier allow user-assisted remote attackers to cause a
  denial of service and possibly execute arbitrary code via format string
  specifiers in certain data chunk values in an aircraft xml model to (1)
  fgfs/flightgear/src/Cockpit/panel.cxx or (2)
  fgfs/flightgear/src/Network/generic.cxx, or (3) a scene graph model to
  simgear/simgear/scene/model/SGText.cxx.
Comment 1 Sergey Popov gentoo-dev 2013-11-11 15:11:23 UTC
@maintainers: your opinion? Upstream seems to have put this at low priority in the discussion [1], but maybe I am missing something.

Probably we should mask this

[1] - http://sourceforge.net/mailarchive/message.php?msg_id=28957051
Comment 2 Maciej Mrozowski gentoo-dev 2015-05-14 22:44:39 UTC
Affected versions are long gone from the repository. Just sayin..
Comment 3 Sergey Popov gentoo-dev 2015-05-16 06:04:06 UTC
Oops, it seems we missed resolution on this

New GLSA request is filed
Comment 4 GLSAMaker/CVETool Bot gentoo-dev 2016-03-12 23:18:29 UTC
This issue was resolved and addressed in GLSA 201603-12 at https://security.gentoo.org/glsa/201603-12 by GLSA coordinator Kristian Fiskerstrand (K_F).