Bugzilla – Bug 1117464
VUL-1: CVE-2018-19491: gnuplot: an attacker can conduct a buffer overflow with an arbitrary amount of data in the PS_options function
Last modified: 2020-07-13 12:32:10 UTC
CVE-2018-19491 An issue was discovered in post.trm in Gnuplot 5.2.5. This issue allows an attacker to conduct a buffer overflow with an arbitrary amount of data in the PS_options function. This flaw is caused by a missing size check of an argument passed to the "set font" function. This issue occurs when the Gnuplot postscript terminal is used as a backend. References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-19491 http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-19491.html http://www.cvedetails.com/cve/CVE-2018-19491/ https://sourceforge.net/p/gnuplot/bugs/2094/
Same upstream patch [0] for gnuplot 5.2 as bsc#1117463 and bsc#1117465. In this case the changes to post.trm are significant. [0] https://sourceforge.net/p/gnuplot/gnuplot-main/ci/e3cc539c23ceb1640395236248f0ab5a26397557/
My investigation suggests that the following streams are affected: - SUSE:SLE-15:Update/gnuplot - SUSE:SLE-12:Update/gnuplot - SUSE:SLE-11:Update/gnuplot - SUSE:SLE-10-SP3:Update/gnuplot on sle-10 the code is different, but I believe it is still affected in 'term/post.trm:951'
SUSE-SU-2019:0904-1: An update that fixes three vulnerabilities is now available. Category: security (moderate) Bug References: 1117463,1117464,1117465 CVE References: CVE-2018-19490,CVE-2018-19491,CVE-2018-19492 Sources used: SUSE Linux Enterprise Module for Server Applications 15 (src): gnuplot-5.2.2-3.3.29 *** NOTE: This information is not intended to be used for external communication, because this may only be a partial fix. If you have questions please reach out to maintenance coordination.
openSUSE-SU-2019:1216-1: An update that fixes three vulnerabilities is now available. Category: security (moderate) Bug References: 1117463,1117464,1117465 CVE References: CVE-2018-19490,CVE-2018-19491,CVE-2018-19492 Sources used: openSUSE Leap 15.0 (src): gnuplot-5.2.2-lp150.3.3.1
SUSE-SU-2020:14388-1: An update that solves four vulnerabilities and has one errata is now available. Category: security (moderate) Bug References: 1044638,1117463,1117464,1117465,375175 CVE References: CVE-2017-9670,CVE-2018-19490,CVE-2018-19491,CVE-2018-19492 Sources used: SUSE Linux Enterprise Debuginfo 11-SP4 (src): gnuplot-4.2.3-7.3.22 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2020:1660-1: An update that fixes four vulnerabilities is now available. Category: security (moderate) Bug References: 1044638,1117463,1117464,1117465 CVE References: CVE-2017-9670,CVE-2018-19490,CVE-2018-19491,CVE-2018-19492 Sources used: SUSE Linux Enterprise Server 12-SP5 (src): gnuplot-4.6.5-3.3.74 SUSE Linux Enterprise Server 12-SP4 (src): gnuplot-4.6.5-3.3.74 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Done