Mailinglist Archive: opensuse-bugs (6095 mails)

< Previous Next >
[Bug 1089731] New: VUL-1: CVE-2018-10113: gegl: The process function in operations/external/ppm-load.c has unbounded memory allocation, leading to a denial of service
  • From: bugzilla_noreply@xxxxxxxxxx
  • Date: Mon, 16 Apr 2018 15:30:50 +0000
  • Message-id: <bug-1089731-21960@http.bugzilla.opensuse.org/>
http://bugzilla.opensuse.org/show_bug.cgi?id=1089731


Bug ID: 1089731
Summary: VUL-1: CVE-2018-10113: gegl: The process function in
operations/external/ppm-load.c has unbounded memory
allocation, leading to a denial of service
Classification: openSUSE
Product: openSUSE Distribution
Version: Leap 42.3
Hardware: Other
URL: https://smash.suse.de/issue/204019/
OS: openSUSE Factory
Status: NEW
Severity: Minor
Priority: P5 - None
Component: Security
Assignee: sbrabec@xxxxxxxx
Reporter: jsegitz@xxxxxxxx
QA Contact: security-team@xxxxxxx
Found By: Security Response Team
Blocker: ---

Created attachment 767311
--> http://bugzilla.opensuse.org/attachment.cgi?id=767311&action=edit
Reproducer

CVE-2018-10113

An issue was discovered in GEGL through 0.3.32. The process function in
operations/external/ppm-load.c has unbounded memory allocation, leading to a
denial of service (application crash) upon allocation failure.

Reproducer: gegl gegl-dos-1

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-10113

--
You are receiving this mail because:
You are on the CC list for the bug.
< Previous Next >
Follow Ups