Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 729326 (CVE-2020-14938, CVE-2020-14939) - games-rpg/freedroidrpg: Multiple Vulnerabilities (CVE-2020-14938, CVE-2020-14939)
Summary: games-rpg/freedroidrpg: Multiple Vulnerabilities (CVE-2020-14938, CVE-2020-14...
Alias: CVE-2020-14938, CVE-2020-14939
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal trivial (vote)
Assignee: Gentoo Security
Whiteboard: ~2 [upstream cve]
Depends on:
Reported: 2020-06-23 16:41 UTC by John Helmert III
Modified: 2020-06-24 22:21 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Description John Helmert III gentoo-dev Security 2020-06-23 16:41:30 UTC
An issue was discovered in map.c in FreedroidRPG 1.0rc2. It assumes lengths of data sets read from saved game files. It copies data from a file into a fixed-size heap-allocated buffer without size verification, leading to a heap-based buffer overflow.

An issue was discovered in savestruct_internal.c in FreedroidRPG 1.0rc2. Saved game files are composed of Lua scripts that recover a game's state. A file can be modified to put any Lua code inside, leading to arbitrary code execution while loading.