Bug 1114519 - (CVE-2018-3977) VUL-0: CVE-2018-3977: SDL_image,SDL2_image: XCF image can cause a heap overflow, resulting in code execution
Status: RESOLVED FIXED
Classification: Novell Products
Product: SUSE Security Incidents
Component: Incidents
Priority: P3 - Medium; Severity: Minor
Assigned To: Security Team bot
https://smash.suse.de/issue/218525/
CVSSv3:RedHat:CVE-2018-3977:8.8:(AV:N...
Reported: 2018-11-02 15:42 UTC by Robert Frohl
Modified: 2020-04-28 15:29 UTC (History)
Found By: Security Response Team


Description Robert Frohl 2018-11-02 15:42:20 UTC
CVE-2018-3977

An exploitable code execution vulnerability exists in the XCF image rendering
functionality of SDL2_image-2.0.3. A specially crafted XCF image can cause a
heap overflow, resulting in code execution. An attacker can display a specially
crafted image to trigger this vulnerability.

upstream patch:
https://hg.libsdl.org/SDL_image/rev/170d7d32e4a8

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-3977
http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-3977.html
http://www.cvedetails.com/cve/CVE-2018-3977/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3977
https://talosintelligence.com/vulnerability_reports/TALOS-2018-0645
Comment 1 Robert Frohl 2018-11-02 15:55:17 UTC
Reported for SDL2_image, but from the code it seems that SDL_image is affected too.
Comment 2 Swamp Workflow Management 2018-11-09 06:00:06 UTC
This is an autogenerated message for OBS integration:
This bug (1114519) was mentioned in
https://build.opensuse.org/request/show/647453 15.0 / SDL_image
https://build.opensuse.org/request/show/647454 15.0 / SDL2_image
https://build.opensuse.org/request/show/647455 42.3 / SDL_image
https://build.opensuse.org/request/show/647456 42.3 / SDL2_image
Comment 3 Swamp Workflow Management 2018-11-09 09:20:26 UTC
This is an autogenerated message for OBS integration:
This bug (1114519) was mentioned in
https://build.opensuse.org/request/show/647528 42.3 / SDL2_image
https://build.opensuse.org/request/show/647529 15.0 / SDL2_image
Comment 4 Swamp Workflow Management 2018-11-20 20:28:07 UTC
openSUSE-SU-2018:3828-1: An update that fixes two vulnerabilities is now available.

Category: security (moderate)
Bug References: 1089087,1114519
CVE References: CVE-2018-3839,CVE-2018-3977
Sources used:
openSUSE Leap 42.3 (src):    SDL2_image-2.0.4-13.13.1
Comment 5 Swamp Workflow Management 2018-11-22 20:09:51 UTC
SUSE-SU-2018:3861-1: An update that fixes one vulnerability is now available.

Category: security (moderate)
Bug References: 1114519
CVE References: CVE-2018-3977
Sources used:
SUSE Linux Enterprise Software Development Kit 11-SP4 (src):    SDL_image-1.2.6-84.46.1
SUSE Linux Enterprise Debuginfo 11-SP4 (src):    SDL_image-1.2.6-84.46.1
Comment 6 Swamp Workflow Management 2018-11-24 17:14:54 UTC
openSUSE-SU-2018:3896-1: An update that fixes two vulnerabilities is now available.

Category: security (moderate)
Bug References: 1089087,1114519
CVE References: CVE-2018-3839,CVE-2018-3977
Sources used:
openSUSE Leap 15.0 (src):    SDL2_image-2.0.4-lp150.2.3.1
Comment 7 Swamp Workflow Management 2018-11-24 23:08:52 UTC
openSUSE-SU-2018:3906-1: An update that fixes two vulnerabilities is now available.

Category: security (moderate)
Bug References: 1089087,1114519
CVE References: CVE-2018-3839,CVE-2018-3977
Sources used:
openSUSE Backports SLE-15 (src):    SDL2_image-2.0.4-bp150.3.3.1
Comment 8 Alexandros Toptsoglou 2020-04-28 15:29:33 UTC
Done