Bug List: (1 of 1) First Last Prev Next   Show last search results
Bug 1005009 (CVE-2016-8694) - VUL-0: CVE-2016-8694,CVE-2016-8695,CVE-2016-8696,CVE-2016-8697,CVE-2016-8698,CVE-2016-8699,CVE-2016-8700,CVE-2016-8701,CVE-2016-8702,CVE-2016-8703: potrace: Multiple crashes
Summary: VUL-0: CVE-2016-8694,CVE-2016-8695,CVE-2016-8696,CVE-2016-8697,CVE-2016-8698,...
Status: RESOLVED DUPLICATE of bug 951760
Alias: CVE-2016-8694
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents (show other bugs)
Version: unspecified
Hardware: Other openSUSE 42.1
: P3 - Medium : Normal
Target Milestone: ---
Assignee: Stanislav Brabec
QA Contact: Security Team bot
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2016-10-17 07:52 UTC by Johannes Segitz
Modified: 2017-03-02 18:23 UTC (History)
0 users

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Johannes Segitz 2016-10-17 07:52:19 UTC 
From: Agostino Sarubbo

> https://blogs.gentoo.org/ago/2016/08/08/potrace-multiple-three-null-pointer-dereference-in-bm_readbody_bmp-bitmap_io-c/

> AddressSanitizer: SEGV on unknown address
> 0x4f027b in bm_readbody_bmp /var/tmp/portage/media-gfx/potrace-1.12/work/potrace-1.12/src/bitmap_io.c:717:4

Use CVE-2016-8694.

> AddressSanitizer: SEGV on unknown address
> 0x4f0957 in bm_readbody_bmp /var/tmp/portage/media-gfx/potrace-1.12/work/potrace-1.12/src/bitmap_io.c:744:4

Use CVE-2016-8695.

> AddressSanitizer: SEGV on unknown address
> 0x4f10b7 in bm_readbody_bmp /var/tmp/portage/media-gfx/potrace-1.12/work/potrace-1.12/src/bitmap_io.c:651:11

Use CVE-2016-8696.

> https://blogs.gentoo.org/ago/2016/08/08/potrace-divide-by-zero-in-bm_new-bitmap-h/

> AddressSanitizer: FPE on unknown address
> 0x508d51 in bm_new /tmp/portage/media-gfx/potrace-1.12/work/potrace-1.12/src/bitmap.h:63:24

Use CVE-2016-8697.

> https://blogs.gentoo.org/ago/2016/08/08/potrace-multiplesix-heap-based-buffer-overflow-in-bm_readbody_bmp-bitmap_io-c/

> AddressSanitizer: heap-buffer-overflow ... READ of size 4
> 0x4f3709 in bm_readbody_bmp /var/tmp/portage/media-gfx/potrace-1.12/work/potrace-1.12/src/bitmap_io.c:717:4

Use CVE-2016-8698.

> AddressSanitizer: heap-buffer-overflow ... READ of size 4
> 0x4f3728 in bm_readbody_bmp /var/tmp/portage/media-gfx/potrace-1.12/work/potrace-1.12/src/bitmap_io.c:651:11

Use CVE-2016-8699.

> AddressSanitizer: heap-buffer-overflow ... READ of size 4
> 0x4f37a8 in bm_readbody_bmp /var/tmp/portage/media-gfx/potrace-1.12/work/potrace-1.12/src/bitmap_io.c:652:11

Use CVE-2016-8700.

> AddressSanitizer: heap-buffer-overflow ... READ of size 4
> 0x4f3829 in bm_readbody_bmp /var/tmp/portage/media-gfx/potrace-1.12/work/potrace-1.12/src/bitmap_io.c:690:4

Use CVE-2016-8701.

> AddressSanitizer: heap-buffer-overflow ... READ of size 4
> 0x4f38d4 in bm_readbody_bmp /var/tmp/portage/media-gfx/potrace-1.12/work/potrace-1.12/src/bitmap_io.c:744:4

Use CVE-2016-8702.

> AddressSanitizer: heap-buffer-overflow ... READ of size 4
> 0x4f3947 in bm_readbody_bmp /var/tmp/portage/media-gfx/potrace-1.12/work/potrace-1.12/src/bitmap_io.c:601:2

Use CVE-2016-8703.
Comment 1 Swamp Workflow Management 2016-10-17 22:01:12 UTC 
bugbot adjusting priority
Comment 2 Stanislav Brabec 2017-03-02 18:23:51 UTC 
These CVE were assigned ex-post, about one year after releasing a fix in potrace-1.13. We already handled this vulnerability in past.

*** This bug has been marked as a duplicate of bug 951760 ***
Bug List: (1 of 1) First Last Prev Next   Show last search results