Bug 1162501 - (CVE-2019-20446) VUL-0: CVE-2019-20446: librsvg: a crafted SVG file with nested patterns can cause denial of service when passed to the library for processing
Status: IN_PROGRESS
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
Version: unspecified
Hardware: Other / OS: Other
Priority: P4 - Low / Severity: Normal
Target Milestone: ---
Assigned To: Federico Mena Quintero
QA Contact: Security Team bot
URL: https://smash.suse.de/issue/252271/
Whiteboard: CVSSv3.1:SUSE:CVE-2019-20446:6.5:(AV...
Depends on:
Blocks:
Reported: 2020-02-03 13:06 UTC by Alexandros Toptsoglou
Modified: 2021-03-19 19:45 UTC (History)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Description Alexandros Toptsoglou 2020-02-03 13:06:02 UTC
CVE-2019-20446

In xml.rs in GNOME librsvg before 2.46.2, a crafted SVG file with nested
patterns can cause denial of service when passed to the library for processing.
The attacker constructs pattern elements so that the number of final rendered
objects grows exponentially.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-20446
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20446
https://gitlab.gnome.org/GNOME/librsvg/issues/515
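A defender-side pre-filter for this class of input, added here as an example and not code from librsvg or from this bug report: it parses an SVG, follows the fill/stroke and href references between `<pattern>` elements, and rejects a file whose pattern nesting depth or number of nested pattern instantiations exceeds a limit. The function names, the sample SVG and the limit values are my own assumptions; the count is a structural bound on nested pattern references, not librsvg's own rendering limit.

```python
# Added example, not librsvg code: bound <pattern> nesting before handing an SVG to a renderer.
import re
import xml.etree.ElementTree as ET
SVG_NS = "{http://www.w3.org/2000/svg}"
HREF_ATTRS = ("href", "{http://www.w3.org/1999/xlink}href")
URL_REF = re.compile(r"url\(\s*#([^)\s]+)\s*\)")

def pattern_graph(svg_text):
    """Map each <pattern> id to the pattern ids it references, one entry per reference."""
    root = ET.fromstring(svg_text)
    patterns = {el.get("id"): el for el in root.iter(SVG_NS + "pattern") if el.get("id")}
    graph = {}
    for pid, el in patterns.items():
        refs = []
        for node in el.iter():  # includes the pattern itself, so href inheritance counts
            for attr, val in node.attrib.items():
                if attr in HREF_ATTRS:
                    targets = [val[1:]] if val.startswith("#") else []
                elif attr in ("fill", "stroke", "style"):
                    targets = URL_REF.findall(val)
                else:
                    continue
                refs.extend(t for t in targets if t in patterns)
        graph[pid] = refs
    return graph

def nesting_cost(graph, pid, path=()):
    """(depth, instances) of the pattern tree under pid: k levels with fan-out n cost ~n**k."""
    if pid in path:
        raise ValueError(f"pattern reference cycle through {pid!r}")  # reject cyclic files too
    depth, instances = 1, 1
    for ref in graph[pid]:
        d, n = nesting_cost(graph, ref, path + (pid,))
        depth, instances = max(depth, d + 1), instances + n
    return depth, instances

def check_svg(svg_text, max_depth=3, max_instances=1000):
    """True if every pattern chain stays within the limits (the values here are arbitrary)."""
    graph = pattern_graph(svg_text)
    for pid in graph:
        depth, instances = nesting_cost(graph, pid)
        if depth > max_depth or instances > max_instances:
            return False
    return True

# Constructed sample: three pattern levels, each referencing the level below twice.
SAMPLE = """<svg xmlns="http://www.w3.org/2000/svg"><defs>
<pattern id="p0" width="10" height="10"><rect width="5" height="5"/></pattern>
<pattern id="p1" width="10" height="10"><rect width="5" height="5" fill="url(#p0)"/><rect x="5" width="5" height="5" fill="url(#p0)"/></pattern>
<pattern id="p2" width="10" height="10"><rect width="5" height="5" fill="url(#p1)"/><circle r="2" stroke="url(#p1)"/></pattern>
</defs><rect width="100" height="100" fill="url(#p2)"/></svg>"""
```

With the sample above, `nesting_cost(pattern_graph(SAMPLE), "p2")` returns `(3, 7)`, i.e. 1 + 2 + 4 instantiations across three levels; the same structure with a few more levels is what turns the bound exponential.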
Comment 1 Federico Mena Quintero 2020-02-21 18:35:53 UTC
I'm looking at how much needs to be backported to SLE's versions of librsvg.
Comment 3 Federico Mena Quintero 2020-03-05 00:25:20 UTC
Submitted librsvg-2.40.21 to SUSE:SLE-12-SP2:Update with id 212989

Submitted librsvg-2.42.8 to SUSE:SLE-15:Update with id 213246
Comment 5 Federico Mena Quintero 2020-03-05 01:16:43 UTC
Does this also need to be updated in SUSE:SLE-11-SP1:Update, for Teradata?
Comment 7 Swamp Workflow Management 2020-03-06 14:27:57 UTC
SUSE-SU-2020:0604-1: An update that fixes one vulnerability is now available.

Category: security (moderate)
Bug References: 1162501
CVE References: CVE-2019-20446
Sources used:
SUSE Linux Enterprise Software Development Kit 12-SP5 (src):    librsvg-2.40.21-5.9.1
SUSE Linux Enterprise Software Development Kit 12-SP4 (src):    librsvg-2.40.21-5.9.1
SUSE Linux Enterprise Server 12-SP5 (src):    librsvg-2.40.21-5.9.1
SUSE Linux Enterprise Server 12-SP4 (src):    librsvg-2.40.21-5.9.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 8 Federico Mena Quintero 2020-03-06 16:53:59 UTC
Submitted librsvg-2.40.16 with updates to .20 and .21 to
SUSE:SLE-11-SP1:Update with id 213384.
Comment 10 Swamp Workflow Management 2020-03-10 17:17:24 UTC
SUSE-SU-2020:0629-1: An update that fixes one vulnerability is now available.

Category: security (moderate)
Bug References: 1162501
CVE References: CVE-2019-20446
Sources used:
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1 (src):    librsvg-2.42.8-3.3.1
SUSE Linux Enterprise Module for Desktop Applications 15-SP1 (src):    librsvg-2.42.8-3.3.1
SUSE Linux Enterprise Module for Basesystem 15-SP1 (src):    librsvg-2.42.8-3.3.1
Comment 11 Swamp Workflow Management 2020-03-15 20:11:55 UTC
openSUSE-SU-2020:0343-1: An update that fixes one vulnerability is now available.

Category: security (moderate)
Bug References: 1162501
CVE References: CVE-2019-20446
Sources used:
openSUSE Leap 15.1 (src):    librsvg-2.42.8-lp151.3.3.1
Comment 12 Swamp Workflow Management 2020-07-07 16:22:47 UTC
SUSE-SU-2020:0629-2: An update that fixes one vulnerability is now available.

Category: security (moderate)
Bug References: 1162501
CVE References: CVE-2019-20446
Sources used:
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP2 (src):    librsvg-2.42.8-3.3.1
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP1 (src):    librsvg-2.42.8-3.3.1