Bug 1159921 - (CVE-2019-20093) VUL-0: CVE-2019-20093: podofo: denial of service (NULL pointer dereference) in PoDoFo::PdfVariant::DelayedLoad function in PdfVariant.h
Status: IN_PROGRESS
Classification: Novell Products
Product: SUSE Security Incidents
Component: Incidents
Priority: P3 - Medium; Severity: Major
Assigned To: Security Team bot
https://smash.suse.de/issue/249930/
CVSSv3.1:SUSE:CVE-2019-20093:5.5:(AV...
Reported: 2019-12-30 16:28 UTC by Alexander Bergmann
Modified: 2022-05-16 16:26 UTC

Found By: Security Response Team
abergmann: needinfo? (gnome-bugs)


Attachments
podofo_CVE-2019-20093.patch (908 bytes, patch)
2022-04-19 10:58 UTC, Alexander Bergmann
Description Alexander Bergmann 2019-12-30 16:28:44 UTC
CVE-2019-20093

The PoDoFo::PdfVariant::DelayedLoad function in PdfVariant.h in PoDoFo 0.9.6
allows remote attackers to cause a denial of service (NULL pointer dereference)
via a crafted file, because of ImageExtractor.cpp.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-20093
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20093
https://sourceforge.net/p/podofo/tickets/75/
Comment 1 Alexander Bergmann 2022-04-19 10:58:37 UTC
Created attachment 858239
podofo_CVE-2019-20093.patch
Comment 2 Alexander Bergmann 2022-04-19 11:02:22 UTC
There is a proposed fix in comment 1 from the upstream bug report.

https://sourceforge.net/p/podofo/tickets/75/

This could be relevant for our versions, but in the meantime it got marked as obsolete as version "r2035 doesn't dereference the NULL pointer" anymore.

Please check if the proposed comment 1 patch would work for us and submit for:

SUSE:SLE-12:Update
SUSE:SLE-15-SP3:Update
Comment 4 Swamp Workflow Management 2022-04-22 19:20:48 UTC
SUSE-SU-2022:1316-1: An update that fixes one vulnerability is now available.

Category: security (moderate)
Bug References: 1159921
CVE References: CVE-2019-20093
JIRA References: 
Sources used:
openSUSE Leap 15.4 (src):    podofo-0.9.6-150300.3.3.1
openSUSE Leap 15.3 (src):    podofo-0.9.6-150300.3.3.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 5 Swamp Workflow Management 2022-05-16 16:26:09 UTC
SUSE-SU-2022:1690-1: An update that fixes one vulnerability is now available.

Category: security (moderate)
Bug References: 1159921
CVE References: CVE-2019-20093
JIRA References: 
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP5 (src):    podofo-0.9.2-3.12.1
SUSE Linux Enterprise Software Development Kit 12-SP5 (src):    podofo-0.9.2-3.12.1
