Bug 807784 (CVE-2020-21675, CVE-2020-21676, CVE-2020-21678, CVE-2020-21680, CVE-2020-21681, CVE-2020-21682, CVE-2020-21683, CVE-2020-21684) - media-gfx/xfig: multiple vulnerabilities (CVE-2020-{21675,21676,21678,21680,21681,21682,21683,21684})
Status: CONFIRMED
Alias: CVE-2020-21675, CVE-2020-21676, CVE-2020-21678, CVE-2020-21680, CVE-2020-21681, CVE-2020-21682, CVE-2020-21683, CVE-2020-21684
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: Normal normal
Assignee: Gentoo Security
Whiteboard: B2 [ebuild]
Reported: 2021-08-12 03:55 UTC by John Helmert III
Modified: 2021-08-12 03:55 UTC
Description John Helmert III gentoo-dev Security 2021-08-12 03:55:14 UTC
CVE-2020-21675 (https://sourceforge.net/p/mcj/tickets/78/):

A stack-based buffer overflow in the genptk_text component in genptk.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into ptk format.

CVE-2020-21676 (https://sourceforge.net/p/mcj/tickets/76/):

A stack-based buffer overflow in the genpstrx_text() component in genpstricks.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into pstricks format.

CVE-2020-21678 (https://sourceforge.net/p/mcj/tickets/71/):

A global buffer overflow in the genmp_writefontmacro_latex component in genmp.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into mp format.

CVE-2020-21680 (https://sourceforge.net/p/mcj/tickets/74/):

A stack-based buffer overflow in the put_arrow() component in genpict2e.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into pict2e format.

CVE-2020-21681 (https://sourceforge.net/p/mcj/tickets/73/):

A global buffer overflow in the set_color component in genge.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into ge format.

CVE-2020-21682 (https://sourceforge.net/p/mcj/tickets/72/):

A global buffer overflow in the set_fill component in genge.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into ge format.

CVE-2020-21683 (https://sourceforge.net/p/mcj/tickets/77/):

A global buffer overflow in the shade_or_tint_name_after_declare_color in genpstricks.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into pstricks format.

CVE-2020-21684 (https://sourceforge.net/p/mcj/tickets/75/):

A global buffer overflow in the put_font in genpict2e.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into pict2e format.


All upstream bug reports are closed with references to commits. As with bug
718806 and bug 753962, transfig may be vulnerable too.