Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 548002 (CVE-2015-3418)

Summary: <x11-base/xorg-server-1.12.4-r5: divide-by-zero when calculating image height (CVE-2015-3418)
Product: Gentoo Security Reporter: Agostino Sarubbo <ago>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: normal CC: x11
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: https://bugzilla.redhat.com/show_bug.cgi?id=1216020
Whiteboard: A3 [glsa cve]
Package list:
Runtime testing required: ---

Description Agostino Sarubbo gentoo-dev 2015-04-28 12:53:47 UTC 
From ${URL} :

A divide-by-zero flaw was found in the way the X.Org server calculated the height of certain 
images. A malicious, authenticated client could use this flaw to crash the X.Org server.

According to http://seclists.org/oss-sec/2015/q2/275 , this was introduced by the fix for the 
CVE-2014-8092 issue.

Upstream patch:

http://cgit.freedesktop.org/xorg/xserver/commit/?id=dc777c346d5d452a53b13b917c45f6a1bad2f20b


@maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
Comment 1 Agostino Sarubbo gentoo-dev 2015-04-28 12:55:42 UTC 
This issue obviously does not affect our latest stable xorg but only 1.12.4-r4.

You can choose between:
1) Patch and stabilize 1.12
2) Remove 1.12
Comment 2 Chí-Thanh Christopher Nguyễn gentoo-dev 2015-04-28 15:40:09 UTC 
The fix has now been committed to the tree. The only stable version of xorg-server which was ever affected by this bug is 1.12.4-r4.
Comment 3 Chí-Thanh Christopher Nguyễn gentoo-dev 2015-06-10 07:24:12 UTC 
Arches, please stabilize x11-base/xorg-server-1.12.4-r5
Comment 4 Agostino Sarubbo gentoo-dev 2015-06-10 14:53:24 UTC 
amd64 stable
Comment 5 Agostino Sarubbo gentoo-dev 2015-06-11 07:18:03 UTC 
x86 stable
Comment 6 Jeroen Roovers (RETIRED) gentoo-dev 2015-06-13 04:53:47 UTC 
(In reply to Agostino Sarubbo from comment #4)
> amd64 stable

No.

(In reply to Agostino Sarubbo from comment #5)
> x86 stable

No.

Stable for PPC64.
Comment 7 Mikle Kolyada (RETIRED) archtester Gentoo Infrastructure gentoo-dev Security 2015-06-13 09:19:15 UTC 
amd64 stable
Comment 8 Mikle Kolyada (RETIRED) archtester Gentoo Infrastructure gentoo-dev Security 2015-06-13 10:55:12 UTC 
x86 stable
Comment 9 Markus Meier gentoo-dev 2015-06-14 19:50:50 UTC 
arm stable
Comment 10 Agostino Sarubbo gentoo-dev 2015-06-17 08:52:05 UTC 
sparc stable
Comment 11 Agostino Sarubbo gentoo-dev 2015-06-24 07:57:47 UTC 
ppc stable
Comment 12 Agostino Sarubbo gentoo-dev 2015-07-03 09:57:27 UTC 
alpha stable
Comment 13 GLSAMaker/CVETool Bot gentoo-dev 2015-07-06 11:56:49 UTC 
CVE-2015-3418 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3418):
  ** RESERVED ** This candidate has been reserved by an organization or
  individual that will use it when announcing a new security problem. When the
  candidate has been publicized, the details for this candidate will be
  provided.
  
  ** TEMPORARY **
  A divide-by-zero flaw was found in the way the X.Org server calculated the
  height of certain images. A malicious, authenticated client could use this
  flaw to crash the X.Org server.
Comment 14 Mikle Kolyada (RETIRED) archtester Gentoo Infrastructure gentoo-dev Security 2015-07-15 20:56:23 UTC 
ia64 stable
Comment 15 Yury German Gentoo Infrastructure gentoo-dev 2015-07-16 14:04:06 UTC 
All arches are done.

New GLSA Request filed.

Maintainer(s), please drop the vulnerable version(s).
Comment 16 Manuel Rüger (RETIRED) gentoo-dev 2015-07-16 14:07:07 UTC 
Cleanup done.
Comment 17 GLSAMaker/CVETool Bot gentoo-dev 2017-01-25 13:09:02 UTC 
This issue was resolved and addressed in
 GLSA 201701-64 at https://security.gentoo.org/glsa/201701-64
by GLSA coordinator Thomas Deutschmann (whissi).