Bugzilla – Bug 1219820
VUL-0: CVE-2024-25443: hugin: use-after-free via HuginBase::ImageVariable<double>::linkWith
Last modified: 2024-02-14 17:05:01 UTC
An issue in the HuginBase::ImageVariable<double>::linkWith function of Hugin v2022.0.0 allows attackers to cause a heap-use-after-free via parsing a crafted image. References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-25443 https://www.cve.org/CVERecord?id=CVE-2024-25443 https://bugs.launchpad.net/hugin/+bug/2025035 https://bugzilla.redhat.com/show_bug.cgi?id=2263555
Not sure about correct reproducing command, I get however: 2022.0.0 :/219820 # pto_merge poc-file.txt poc-file.txt Segmentation fault (core dumped) :/219820 # 2023.0.0 :/219819 # pto_merge poc-file.txt poc-file.txt error while parsing panos tool script: poc-file.txt :/219820 # Upstream bug suggests the issue was fixed in Hugin 2023.0beta1.
This is an autogenerated message for OBS integration: This bug (1219820) was mentioned in https://build.opensuse.org/request/show/1146413 Backports:SLE-15-SP5 / hugin
Submitted a version update (-> 2023.0.0) for b15sp6 and b15sp5. I believe all fixed.
This is an autogenerated message for OBS integration: This bug (1219820) was mentioned in https://build.opensuse.org/request/show/1146570 Factory / hugin https://build.opensuse.org/request/show/1146575 Backports:SLE-15-SP6 / hugin
openSUSE-SU-2024:0047-1: An update that fixes four vulnerabilities is now available. Category: security (important) Bug References: 1219819,1219820,1219821,1219822 CVE References: CVE-2024-25442,CVE-2024-25443,CVE-2024-25445,CVE-2024-25446 JIRA References: Sources used: openSUSE Backports SLE-15-SP5 (src): hugin-2023.0.0-bp155.2.3.1