807784 – (CVE-2020-21675, CVE-2020-21676, CVE-2020-21678, CVE-2020-21680, CVE-2020-21681, CVE-2020-21682, CVE-2020-21683, CVE-2020-21684) media-gfx/xfig: multiple vulnerabilities (CVE-2020-{21675,21676,21678,21680,21681,21682,21683,21684})

Bug 807784 (CVE-2020-21675, CVE-2020-21676, CVE-2020-21678, CVE-2020-21680, CVE-2020-21681, CVE-2020-21682, CVE-2020-21683, CVE-2020-21684) - media-gfx/xfig: multiple vulnerabilities (CVE-2020-{21675,21676,21678,21680,21681,21682,21683,21684})

Summary: media-gfx/xfig: multiple vulnerabilities (CVE-2020-{21675,21676,21678,21680,2...

Status:	CONFIRMED

Alias:	CVE-2020-21675, CVE-2020-21676, CVE-2020-21678, CVE-2020-21680, CVE-2020-21681, CVE-2020-21682, CVE-2020-21683, CVE-2020-21684

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	Normal normal (vote)
Assignee:	Gentoo Security

URL:
Whiteboard:	B2 [ebuild]
Keywords:

Depends on:
Blocks:

Reported:	2021-08-12 03:55 UTC by John Helmert III
Modified:	2021-08-12 03:55 UTC (History)
CC List:	1 user (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description John Helmert III gentoo-dev

2021-08-12 03:55:14 UTC

CVE-2020-21675 (https://sourceforge.net/p/mcj/tickets/78/):

A stack-based buffer overflow in the genptk_text component in genptk.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into ptk format.

CVE-2020-21676 (https://sourceforge.net/p/mcj/tickets/76/):

A stack-based buffer overflow in the genpstrx_text() component in genpstricks.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into pstricks format.

CVE-2020-21678 (https://sourceforge.net/p/mcj/tickets/71/):

A global buffer overflow in the genmp_writefontmacro_latex component in genmp.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into mp format.

CVE-2020-21680 (https://sourceforge.net/p/mcj/tickets/74/):

A stack-based buffer overflow in the put_arrow() component in genpict2e.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into pict2e format.

CVE-2020-21681 (https://sourceforge.net/p/mcj/tickets/73/):

A global buffer overflow in the set_color component in genge.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into ge format.

CVE-2020-21682 (https://sourceforge.net/p/mcj/tickets/72/):

A global buffer overflow in the set_fill component in genge.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into ge format.

CVE-2020-21683 (https://sourceforge.net/p/mcj/tickets/77/):

A global buffer overflow in the shade_or_tint_name_after_declare_color in genpstricks.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into pstricks format.

CVE-2020-21684 (https://sourceforge.net/p/mcj/tickets/75/):

A global buffer overflow in the put_font in genpict2e.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into pict2e format.


All upstream bug reports are closed with references to commits. As with bug
718806 and bug 753962, transfig may be vulnerable too.