Mailinglist Archive: opensuse-bugs (4247 mails)

< Previous Next >
[Bug 1019877] New: VUL-0: CVE-2016-10132,CVE-2016-10133,CVE-2016-10141: mupfg: mujs: Multiple security issues
  • From: bugzilla_noreply@xxxxxxxxxx
  • Date: Fri, 13 Jan 2017 14:46:45 +0000
  • Message-id: <bug-1019877-21960@http.bugzilla.suse.com/>
http://bugzilla.suse.com/show_bug.cgi?id=1019877


Bug ID: 1019877
Summary: VUL-0: CVE-2016-10132,CVE-2016-10133,CVE-2016-10141:
mupfg: mujs: Multiple security issues
Classification: openSUSE
Product: openSUSE Distribution
Version: Leap 42.2
Hardware: Other
OS: Other
Status: NEW
Severity: Minor
Priority: P5 - None
Component: Security
Assignee: idonmez@xxxxxxxx
Reporter: astieger@xxxxxxxx
QA Contact: qa-bugs@xxxxxxx
CC: gber@xxxxxxxxxxxx, idonmez@xxxxxxxx,
security-team@xxxxxxx
Found By: Security Response Team
Blocker: ---

http://seclists.org/oss-sec/2017/q1/76

1. Null pointer dereference in regexp.c

The return value from malloc is not properly checked before
dereferencing it which can result in a crash.

https://bugs.ghostscript.com/show_bug.cgi?id=697381

http://git.ghostscript.com/?p=mujs.git;h=fd003eceda531e13fbdd1aeb6e9c73156496e569


Use CVE-2016-10132 for all of
fd003eceda531e13fbdd1aeb6e9c73156496e569.


2. Heap buffer overflow write in jsrun.c: js_stackoverflow()

There was a logical error in the code which can be used to trigger a
heap overflow write.

https://bugs.ghostscript.com/show_bug.cgi?id=697401

http://git.ghostscript.com/?p=mujs.git;a=commit;h=77ab465f1c394bb77f00966cd950650f3f53cb24


3. Integer overflow in the regemit function - CVE-2016-10141

An integer overflow vulnerability was observed in the regemit function
in regexp.c in Artifex Software, Inc. MuJS before
fa3d30fd18c348bb4b1f3858fb860f4fcd4b2045. The attack requires a regular
expression with nested repetition. A successful exploitation of this
issue can lead to code execution or a denial of service (buffer
overflow) condition.

Upstream bug:

https://bugs.ghostscript.com/show_bug.cgi?id=697448

Upstream patch:

http://git.ghostscript.com/?p=mujs.git;h=fa3d30fd18c348bb4b1f3858fb860f4fcd4b2045


References:
https://bugzilla.redhat.com/show_bug.cgi?id=1412967
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10141
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10132
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10133
http://seclists.org/oss-sec/2017/q1/76
https://bugs.ghostscript.com/show_bug.cgi?id=697448
http://git.ghostscript.com/?p=mujs.git;h=fa3d30fd18c348bb4b1f3858fb860f4fcd4b2045

--
You are receiving this mail because:
You are on the CC list for the bug.
< Previous Next >