Bugzilla – Bug 1124150
VUL-1: CVE-2019-7310: poppler: A heap-based buffer over-read allows remote attackers to cause DOS via a special crafted PDF
Last modified: 2022-05-18 19:22:27 UTC
CVE-2019-7310 In Poppler 0.73.0, a heap-based buffer over-read (due to an integer signedness error in the XRef::getEntry function in XRef.cc) allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PDF document, as demonstrated by pdftocairo. References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-7310 https://gitlab.freedesktop.org/poppler/poppler/issues/717 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12797
Reproducer[1] works only in Factory (version 0.72). Tried reproducing in version 0.68(Factory version before the recent update), 0.62, and 0.43 without success. A fix has been already pushed to master with the commit at[2] To run the reproducer you need to run: pdftocairo -png $POC [1] https://gitlab.freedesktop.org/poppler/poppler/issues/717 [2] https://gitlab.freedesktop.org/poppler/poppler/commit/b54e1fc3e0d2600621a28d50f9f085b9e38619c2
This is automated batch bugzilla cleanup. The openSUSE 42.3 changed to end-of-life (EOL [1]) status. As such it is no longer maintained, which means that it will not receive any further security or bug fix updates. As a result we are closing this bug. If you can reproduce this bug against a currently maintained version of openSUSE (At this moment openSUSE Leap 15.1, 15.0 and Tumbleweed) please feel free to reopen this bug against that version (!you must update the "Version" component in the bug fields, do not just reopen please), or alternatively create a new ticket. Thank you for reporting this bug and we are sorry it could not be fixed during the lifetime of the release. [1] https://en.opensuse.org/Lifetime
factory unfixed
SUSE-SU-2021:3854-1: An update that fixes 21 vulnerabilities is now available. Category: security (important) Bug References: 1092945,1102531,1107597,1114966,1115185,1115186,1115187,1115626,1120495,1120496,1120939,1120956,1124150,1127329,1129202,1130229,1131696,1131722,1142465,1143950,1179163 CVE References: CVE-2017-18267,CVE-2018-13988,CVE-2018-16646,CVE-2018-18897,CVE-2018-19058,CVE-2018-19059,CVE-2018-19060,CVE-2018-19149,CVE-2018-20481,CVE-2018-20551,CVE-2018-20650,CVE-2018-20662,CVE-2019-10871,CVE-2019-10872,CVE-2019-14494,CVE-2019-7310,CVE-2019-9200,CVE-2019-9631,CVE-2019-9903,CVE-2019-9959,CVE-2020-27778 JIRA References: Sources used: SUSE Linux Enterprise Workstation Extension 15-SP2 (src): poppler-0.62.0-4.6.1 SUSE Linux Enterprise Server for SAP 15-SP1 (src): poppler-0.62.0-4.6.1 SUSE Linux Enterprise Server for SAP 15 (src): poppler-0.62.0-4.6.1 SUSE Linux Enterprise Server 15-SP1-LTSS (src): poppler-0.62.0-4.6.1 SUSE Linux Enterprise Server 15-SP1-BCL (src): poppler-0.62.0-4.6.1 SUSE Linux Enterprise Server 15-LTSS (src): poppler-0.62.0-4.6.1 SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (src): poppler-0.62.0-4.6.1 SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (src): poppler-0.62.0-4.6.1 SUSE Linux Enterprise High Performance Computing 15-LTSS (src): poppler-0.62.0-4.6.1 SUSE Linux Enterprise High Performance Computing 15-ESPOS (src): poppler-0.62.0-4.6.1 SUSE Enterprise Storage 6 (src): poppler-0.62.0-4.6.1 SUSE CaaS Platform 4.0 (src): poppler-0.62.0-4.6.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
openSUSE-SU-2021:3854-1: An update that fixes 21 vulnerabilities is now available. Category: security (important) Bug References: 1092945,1102531,1107597,1114966,1115185,1115186,1115187,1115626,1120495,1120496,1120939,1120956,1124150,1127329,1129202,1130229,1131696,1131722,1142465,1143950,1179163 CVE References: CVE-2017-18267,CVE-2018-13988,CVE-2018-16646,CVE-2018-18897,CVE-2018-19058,CVE-2018-19059,CVE-2018-19060,CVE-2018-19149,CVE-2018-20481,CVE-2018-20551,CVE-2018-20650,CVE-2018-20662,CVE-2019-10871,CVE-2019-10872,CVE-2019-14494,CVE-2019-7310,CVE-2019-9200,CVE-2019-9631,CVE-2019-9903,CVE-2019-9959,CVE-2020-27778 JIRA References: Sources used: openSUSE Leap 15.3 (src): poppler-0.62.0-4.6.1
SUSE-SU-2022:1723-1: An update that fixes 8 vulnerabilities is now available. Category: security (moderate) Bug References: 1124150,1129202,1130229,1131696,1131722,1142465,1143950,1179163 CVE References: CVE-2019-10871,CVE-2019-10872,CVE-2019-14494,CVE-2019-7310,CVE-2019-9631,CVE-2019-9903,CVE-2019-9959,CVE-2020-27778 JIRA References: Sources used: SUSE Linux Enterprise Software Development Kit 12-SP5 (src): poppler-0.43.0-16.19.3, poppler-qt-0.43.0-16.19.3 SUSE Linux Enterprise Server 12-SP5 (src): poppler-0.43.0-16.19.3, poppler-qt-0.43.0-16.19.3 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2022:1724-1: An update that fixes 7 vulnerabilities is now available. Category: security (moderate) Bug References: 1124150,1129202,1131696,1131722,1142465,1143950,1179163 CVE References: CVE-2019-10871,CVE-2019-10872,CVE-2019-14494,CVE-2019-7310,CVE-2019-9631,CVE-2019-9959,CVE-2020-27778 JIRA References: Sources used: SUSE Linux Enterprise Software Development Kit 12-SP5 (src): poppler-0.24.4-14.20.2 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.