Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 548002 (CVE-2015-3418) - <x11-base/xorg-server-1.12.4-r5: divide-by-zero when calculating image height (CVE-2015-3418)
Summary: <x11-base/xorg-server-1.12.4-r5: divide-by-zero when calculating image height...
Status: RESOLVED FIXED
Alias: CVE-2015-3418
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal
Assignee: Gentoo Security
URL: https://bugzilla.redhat.com/show_bug....
Whiteboard: A3 [glsa cve]
Keywords:
Depends on:
Blocks:
 
Reported: 2015-04-28 12:53 UTC by Agostino Sarubbo
Modified: 2017-01-25 13:09 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Agostino Sarubbo gentoo-dev 2015-04-28 12:53:47 UTC
From ${URL} :

A divide-by-zero flaw was found in the way the X.Org server calculated the height of certain 
images. A malicious, authenticated client could use this flaw to crash the X.Org server.

According to http://seclists.org/oss-sec/2015/q2/275 , this was introduced by the fix for the 
CVE-2014-8092 issue.

Upstream patch:

http://cgit.freedesktop.org/xorg/xserver/commit/?id=dc777c346d5d452a53b13b917c45f6a1bad2f20b


@maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
Comment 1 Agostino Sarubbo gentoo-dev 2015-04-28 12:55:42 UTC
This issue obviously does not affect our latest stable xorg but only 1.12.4-r4.

You can choose between:
1) Patch and stabilize 1.12
2) Remove 1.12
Comment 2 Chí-Thanh Christopher Nguyễn gentoo-dev 2015-04-28 15:40:09 UTC
The fix has now been committed to the tree. The only stable version of xorg-server which was ever affected by this bug is 1.12.4-r4.
Comment 3 Chí-Thanh Christopher Nguyễn gentoo-dev 2015-06-10 07:24:12 UTC
Arches, please stabilize x11-base/xorg-server-1.12.4-r5
Comment 4 Agostino Sarubbo gentoo-dev 2015-06-10 14:53:24 UTC
amd64 stable
Comment 5 Agostino Sarubbo gentoo-dev 2015-06-11 07:18:03 UTC
x86 stable
Comment 6 Jeroen Roovers (RETIRED) gentoo-dev 2015-06-13 04:53:47 UTC
(In reply to Agostino Sarubbo from comment #4)
> amd64 stable

No.

(In reply to Agostino Sarubbo from comment #5)
> x86 stable

No.

Stable for PPC64.
Comment 7 Mikle Kolyada (RETIRED) archtester Gentoo Infrastructure gentoo-dev Security 2015-06-13 09:19:15 UTC
amd64 stable
Comment 8 Mikle Kolyada (RETIRED) archtester Gentoo Infrastructure gentoo-dev Security 2015-06-13 10:55:12 UTC
x86 stable
Comment 9 Markus Meier gentoo-dev 2015-06-14 19:50:50 UTC
arm stable
Comment 10 Agostino Sarubbo gentoo-dev 2015-06-17 08:52:05 UTC
sparc stable
Comment 11 Agostino Sarubbo gentoo-dev 2015-06-24 07:57:47 UTC
ppc stable
Comment 12 Agostino Sarubbo gentoo-dev 2015-07-03 09:57:27 UTC
alpha stable
Comment 13 GLSAMaker/CVETool Bot gentoo-dev 2015-07-06 11:56:49 UTC
CVE-2015-3418 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3418):
  ** RESERVED ** This candidate has been reserved by an organization or
  individual that will use it when announcing a new security problem. When the
  candidate has been publicized, the details for this candidate will be
  provided.
  
  ** TEMPORARY **
  A divide-by-zero flaw was found in the way the X.Org server calculated the
  height of certain images. A malicious, authenticated client could use this
  flaw to crash the X.Org server.
Comment 14 Mikle Kolyada (RETIRED) archtester Gentoo Infrastructure gentoo-dev Security 2015-07-15 20:56:23 UTC
ia64 stable
Comment 15 Yury German Gentoo Infrastructure gentoo-dev 2015-07-16 14:04:06 UTC
All arches are done.

New GLSA Request filed.

Maintainer(s), please drop the vulnerable version(s).
Comment 16 Manuel Rüger (RETIRED) gentoo-dev 2015-07-16 14:07:07 UTC
Cleanup done.
Comment 17 GLSAMaker/CVETool Bot gentoo-dev 2017-01-25 13:09:02 UTC
This issue was resolved and addressed in
 GLSA 201701-64 at https://security.gentoo.org/glsa/201701-64
by GLSA coordinator Thomas Deutschmann (whissi).