Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 687112 (CVE-2019-12493) - <app-text/xpdf-4.0.2: stack-based buffer over-read exists in PostScriptFunction::transform in Function.cc
Summary: <app-text/xpdf-4.0.2: stack-based buffer over-read exists in PostScriptFuncti...
Status: RESOLVED FIXED
Alias: CVE-2019-12493
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal trivial (vote)
Assignee: Gentoo Security
URL: https://forum.xpdfreader.com/viewtopi...
Whiteboard: ~3 [noglsa cve]
Keywords:
Depends on:
Blocks:
 
Reported: 2019-06-01 04:20 UTC by D'juan McDonald (domhnall)
Modified: 2020-04-05 07:51 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description D'juan McDonald (domhnall) 2019-06-01 04:20:54 UTC 
(https://nvd.nist.gov/vuln/detail/CVE-2019-12493):

A stack-based buffer over-read exists in PostScriptFunction::transform in Function.cc in Xpdf 4.01.01 because GfxSeparationColorSpace and GfxDeviceNColorSpace mishandle tint transform functions. It can, for example, be triggered by sending a crafted PDF document to the pdftops tool. It might allow an attacker to cause Denial of Service or leak memory data.

From upstream: "GfxSeparationColorSpace (and also GfxDeviceNColorSpace) were not checking that the tint transform functions had the correct number of inputs (and outputs). That will be fixed in the next release."

Gentoo Security Padawan
(domhnall)
Comment 1 Andrew Savchenko gentoo-dev 2019-10-23 14:37:55 UTC 
Hi,

this bug is fixed in xpdf-4.02 which is now in the tree.
Comment 2 Yury German Gentoo Infrastructure gentoo-dev 2020-03-16 06:16:24 UTC 
Thank you all for you work. 
Closing as [noglsa].
Comment 3 Andrew Savchenko gentoo-dev 2020-04-05 07:35:53 UTC 
Security team, should this bug be closed as resolved?

Upstream confirms that it is fixed:
* CVE-2019-12493: fixed in 4.02 [GfxState.cc]
https://www.xpdfreader.com/security-fixes.html
Comment 4 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2020-04-05 07:51:03 UTC 
(In reply to Andrew Savchenko from comment #3)
> Security team, should this bug be closed as resolved?
> 
> Upstream confirms that it is fixed:
> * CVE-2019-12493: fixed in 4.02 [GfxState.cc]
> https://www.xpdfreader.com/security-fixes.html

Yep, sorry! Closing.