Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 616470 (CVE-2017-7875) - <media-gfx/feh-2.18.3: Integer overflow in wallpaper.c while receiving an IPC message
Summary: <media-gfx/feh-2.18.3: Integer overflow in wallpaper.c while receiving an IPC...
Status: RESOLVED FIXED
Alias: CVE-2017-7875
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal
Assignee: Gentoo Security
URL: https://bugzilla.redhat.com/show_bug....
Whiteboard: B2 [glsa cve]
Keywords:
Depends on:
Blocks:
 
Reported: 2017-04-24 11:39 UTC by Agostino Sarubbo
Modified: 2017-07-08 12:40 UTC (History)
2 users (show)

See Also:
Package list:
=media-gfx/feh-2.18.3
Runtime testing required: ---
stable-bot: sanity-check+


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Agostino Sarubbo gentoo-dev 2017-04-24 11:39:01 UTC
From ${URL} :

In wallpaper.c in feh before v2.18.3, if a malicious client pretends to be the E17 window manager, it is possible to trigger an out-of-boundary heap write while receiving an IPC 
message. An integer overflow leads to a buffer overflow and/or a double free.

Upstream patch:

https://github.com/derf/feh/commit/f7a547b7ef8fc8ebdeaa4c28515c9d72e592fb6d

References:

https://feh.finalrewind.org/archive/2.18.3/


@maintainer(s): since the fixed package is already in the tree, please let us know if it is ready for the stabilization or not.
Comment 1 Tim Harder gentoo-dev 2017-04-25 01:38:48 UTC
Feel free to start stabilization.
Comment 2 Yury German Gentoo Infrastructure gentoo-dev 2017-04-28 21:54:31 UTC
Arches, please test and mark stable:

=media-gfx/feh-2.18.3

Target Keywords : "amd64 ppc ppc64 x86"

Thank you!
Comment 3 Agostino Sarubbo gentoo-dev 2017-04-29 14:49:33 UTC
amd64 stable
Comment 4 Agostino Sarubbo gentoo-dev 2017-04-29 15:06:32 UTC
ppc stable
Comment 5 Agostino Sarubbo gentoo-dev 2017-04-30 09:40:26 UTC
ppc64 stable
Comment 6 Agostino Sarubbo gentoo-dev 2017-05-04 15:56:26 UTC
x86 stable.

Maintainer(s), please cleanup.
Security, please add it to the existing request, or file a new one.
Comment 7 Yury German Gentoo Infrastructure gentoo-dev 2017-05-05 00:03:57 UTC
Maintainer(s), Thank you for your work.
New GLSA Request filed.

Maintainer(s), please drop the vulnerable version(s).
Comment 8 Markus Meier gentoo-dev 2017-05-05 04:45:29 UTC
(In reply to Yury German from comment #7)
> Maintainer(s), please drop the vulnerable version(s).

done.
Comment 9 GLSAMaker/CVETool Bot gentoo-dev 2017-07-08 12:40:26 UTC
This issue was resolved and addressed in
 GLSA 201707-08 at https://security.gentoo.org/glsa/201707-08
by GLSA coordinator Thomas Deutschmann (whissi).