
Bug 679292 (CVE-2019-9543, CVE-2019-9545)

Summary: app-text/poppler: multiple vulnerabilities (CVE-2019-{9543,9545})
Product: Gentoo Security
Reporter: D'juan McDonald (domhnall) <flopwiki>
Component: Vulnerabilities
Assignee: Gentoo Security <security>
Status: IN_PROGRESS ---
Severity: normal
CC: jospezial, kde, printing, reavertm
Priority: Normal
Version: unspecified
Hardware: All
OS: Linux
Whiteboard: A3 [upstream cve]
Package list:
Runtime testing required: ---

Description D'juan McDonald (domhnall) 2019-03-03 00:52:55 UTC
(https://nvd.nist.gov/vuln/detail/CVE-2019-9545):

An issue was discovered in Poppler 0.74.0. A recursive function call, in JBIG2Stream::readTextRegion() located in JBIG2Stream.cc, can be triggered by sending a crafted pdf file to (for example) the pdfimages binary. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact. This is related to JBIG2Bitmap::clearToZero.

Reference: https://gitlab.freedesktop.org/poppler/poppler/issues/731

(https://nvd.nist.gov/vuln/detail/CVE-2019-9543):

An issue was discovered in Poppler 0.74.0. A recursive function call, in JBIG2Stream::readGenericBitmap() located in JBIG2Stream.cc, can be triggered by sending a crafted pdf file to (for example) the pdfseparate binary. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact. This is related to JArithmeticDecoder::decodeBit.

Reference: https://gitlab.freedesktop.org/poppler/poppler/issues/730


Gentoo Security Padawan
(domhnall)
Comment 1 Agostino Sarubbo gentoo-dev 2019-03-03 08:18:32 UTC
poppler is a common lib, I'd set it to A
Comment 2 GLSAMaker/CVETool Bot gentoo-dev 2019-03-07 23:38:35 UTC
CVE-2019-9545 (https://nvd.nist.gov/vuln/detail/CVE-2019-9545):
  An issue was discovered in Poppler 0.74.0. A recursive function call, in
  JBIG2Stream::readTextRegion() located in JBIG2Stream.cc, can be triggered by
  sending a crafted pdf file to (for example) the pdfimages binary. It allows
  an attacker to cause Denial of Service (Segmentation fault) or possibly have
  unspecified other impact. This is related to JBIG2Bitmap::clearToZero.

CVE-2019-9543 (https://nvd.nist.gov/vuln/detail/CVE-2019-9543):
  An issue was discovered in Poppler 0.74.0. A recursive function call, in
  JBIG2Stream::readGenericBitmap() located in JBIG2Stream.cc, can be triggered
  by sending a crafted pdf file to (for example) the pdfseparate binary. It
  allows an attacker to cause Denial of Service (Segmentation fault) or
  possibly have unspecified other impact. This is related to
  JArithmeticDecoder::decodeBit.
Comment 3 jospezial 2019-12-29 00:17:51 UTC
"The latest stable release is poppler-0.84.0.tar.xz, released on December 28, 2019:

Release 0.84.0:
        core:
         * Fix crash when converting from Unicode to ASCII-7
         * Splash::scaleImageYdXu: Protect against crash if srcWidth is too big
         * JBIG2Stream: fix potential crash in malformed documents
         * JBIG2Stream: fix leak in reset() if called several times
         * Internal code improvements

        utils:
         * pdfimages: Add error message if first page is larger than number of pages.
         * pdfinfo: Improved paper size recognition
         * pdfsig: Fix exit code when dumping signatures
         * pdftocairo: Error out when even/odd selects 0 pages
         * pdftohtml: Fix memory leak
         * pdftoppm: Add an option to scale before rotate
         * pdftoppm: Add -hide-annotations option
         * pdftoppm: Error out when even/odd selects 0 pages
         * pdftops: Improve -optimizecolorspace

        qt5:
         * Code cleanups

        glib:
         * Fix compiler warnings
"
Comment 4 Andreas Sturmlechner gentoo-dev 2019-12-29 00:19:10 UTC
Is the release related to this security bug?