Bug 1035534 (CVE-2017-7994)

Summary: VUL-1: CVE-2017-7994: podofo: denial of service (NULL pointer dereference and application crash) via a crafted PDF document (TextExtractor::ExtractText in TextExtractor.cpp:77)
Product: [Novell Products] SUSE Security Incidents
Reporter: Mikhail Kasimov <mikhail.kasimov>
Component: Incidents
Assignee: Antonio Larrosa <alarrosa>
Status: RESOLVED FIXED
QA Contact: Security Team bot <security-team>
Severity: Normal
Priority: P4 - Low
CC: alarrosa, meissner, vpereira
Version: unspecified
Target Milestone: ---
Hardware: Other
OS: Other
Whiteboard:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---
Attachments: PoC_CVE-2017-7994, crash_info_CVE-2017-7994

Description Mikhail Kasimov 2017-04-21 19:47:52 UTC
Created attachment 722198
PoC_CVE-2017-7994

Ref: https://nvd.nist.gov/vuln/detail/CVE-2017-7994
===================================================
Description

The function TextExtractor::ExtractText in TextExtractor.cpp:77 in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PDF document.

Source:  MITRE      Last Modified:  04/21/2017
===================================================

Hyperlink:

[1] https://github.com/icepng/PoC/tree/master/PoC1 (PoC and Analysis)
[2] https://icepng.github.io/2017/04/21/PoDoFo-1/

(open-)SUSE: https://software.opensuse.org/package/podofo

0.9.4 (TW, official repo)
0.9.3 (42.{1,2}, official repo)

Comment 1 Mikhail Kasimov 2017-04-21 19:48:58 UTC
Created attachment 722199
crash_info_CVE-2017-7994

Comment 4 Antonio Larrosa 2018-06-26 14:33:51 UTC
Reassign to security-team since a patch was submitted to SUSE:SLE-12:Update in isr 167536

Comment 5 Swamp Workflow Management 2018-08-22 19:10:10 UTC
SUSE-SU-2018:2481-1: An update that fixes 16 vulnerabilities is now available.

Category: security (moderate)
Bug References: 1023067,1023069,1023070,1023071,1023380,1027778,1027782,1027787,1032017,1032018,1032019,1035534,1035596,1037739,1075772,1084894
CVE References: CVE-2017-5852,CVE-2017-5853,CVE-2017-5854,CVE-2017-5855,CVE-2017-5886,CVE-2017-6840,CVE-2017-6844,CVE-2017-6847,CVE-2017-7378,CVE-2017-7379,CVE-2017-7380,CVE-2017-7994,CVE-2017-8054,CVE-2017-8787,CVE-2018-5308,CVE-2018-8001
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP3 (src):    podofo-0.9.2-3.3.1
SUSE Linux Enterprise Software Development Kit 12-SP3 (src):    podofo-0.9.2-3.3.1
SUSE Linux Enterprise Desktop 12-SP3 (src):    podofo-0.9.2-3.3.1

Comment 6 Marcus Meissner 2018-11-14 09:47:19 UTC
released

Comment 7 Marcus Meissner 2018-11-14 09:50:50 UTC
Leap 42.3 and 15.0 are not fixed

Comment 8 Swamp Workflow Management 2019-01-10 08:01:17 UTC
This is an autogenerated message for OBS integration:
This bug (1035534) was mentioned in
https://build.opensuse.org/request/show/664264 42.3 / podofo
https://build.opensuse.org/request/show/664265 15.0 / podofo

Comment 9 Swamp Workflow Management 2019-01-18 20:12:38 UTC
openSUSE-SU-2019:0066-1: An update that fixes 20 vulnerabilities is now available.

Category: security (important)
Bug References: 1023067,1023069,1023070,1023071,1023380,1027778,1027779,1027782,1027787,1032017,1032018,1032019,1035534,1035596,1037739,1075021,1075026,1075322,1075772,1084894
CVE References: CVE-2017-5852,CVE-2017-5853,CVE-2017-5854,CVE-2017-5855,CVE-2017-5886,CVE-2017-6840,CVE-2017-6844,CVE-2017-6845,CVE-2017-6847,CVE-2017-7378,CVE-2017-7379,CVE-2017-7380,CVE-2017-7994,CVE-2017-8054,CVE-2017-8787,CVE-2018-5295,CVE-2018-5296,CVE-2018-5308,CVE-2018-5309,CVE-2018-8001
Sources used:
openSUSE Leap 42.3 (src):    podofo-0.9.6-10.3.1

Comment 10 Marcus Meissner 2019-10-31 08:15:16 UTC
released