[Bug 1023761] New: VUL-0: mupdf: heap-based buffer overflow in fz_subsample_pixmap
http://bugzilla.opensuse.org/show_bug.cgi?id=1023761

Bug ID: 1023761
Summary: VUL-0: mupdf: heap-based buffer overflow in fz_subsample_pixmap
Classification: openSUSE
Product: openSUSE Distribution
Version: Leap 42.2
Hardware: Other
OS: Other
Status: NEW
Severity: Normal
Priority: P5 - None
Component: Security
Assignee: security-team@suse.de
Reporter: mikhail.kasimov@gmail.com
QA Contact: qa-bugs@suse.de
Found By: ---
Blocker: ---

Ref: http://seclists.org/oss-sec/2017/q1/322
==================================================
Hello,

there is a heap overflow in fz_subsample_pixmap.
The bug was discovered by Kamil Frankowicz, who said he tested it against the current git head.

The same testcase does not crash the current stable 1.10a, but I can confirm (with a round of fuzzing on 1.10a) that stable is affected.

No fix atm.

Details:
https://bugs.ghostscript.com/show_bug.cgi?id=697515

Reproducer for 1.10a:
https://github.com/asarubbo/poc/blob/master/00148-mupdf-heapoverflow-fz_subs...

--
Agostino Sarubbo
Gentoo Linux Developer
==================================================

https://software.opensuse.org/package/mupdf

TW and 42.2: 1.10a
42.1: 1.7a

--
You are receiving this mail because:
You are on the CC list for the bug.

http://bugzilla.opensuse.org/show_bug.cgi?id=1023761
http://bugzilla.opensuse.org/show_bug.cgi?id=1023761#c1

--- Comment #1 from Mikhail Kasimov <mikhail.kasimov@gmail.com> ---
Created attachment 713004
  --> http://bugzilla.opensuse.org/attachment.cgi?id=713004&action=edit
1.10a reproducer