Bug 1184424 – VUL-1: CVE-2021-20308: htmldoc: htmldoc: Integer overflow in image_load_gif()

Bug 1184424 - (CVE-2021-20308) VUL-1: CVE-2021-20308: htmldoc: htmldoc: Integer overflow in image_load_gif()

(CVE-2021-20308)
Summary:	VUL-1: CVE-2021-20308: htmldoc: htmldoc: Integer overflow in image_load_gif()

Status:	RESOLVED FIXED

Classification:	Novell Products
Product:	SUSE Security Incidents
Classification:	Novell Products
Component:	Incidents
Version:	unspecified
Hardware:	Other Other

Priority:	P4 - Low Severity: Minor
Target Milestone:	---
Assigned To:	Security Team bot
QA Contact:	Security Team bot

URL:	https://smash.suse.de/issue/281091/
Whiteboard:	CVSSv3.1:SUSE:CVE-2021-20308:3.3:(AV:...
Keywords:

Depends on:
Blocks:
	Show dependency tree / graph

Create test case

Clone This Bug

Reported:	2021-04-07 07:30 UTC by Alexander Bergmann
Modified:	2022-09-20 11:24 UTC (History)
CC List:	4 users (show)

See Also:
Found By:	Security Response Team
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Alexander Bergmann 2021-04-07 07:30:11 UTC

rh#1946289

Integer overflow in the htmldoc 1.9.11 and before may allow attackers to execute arbitrary code and cause a denial of service that is similar to CVE-2017-9181.

Upstream bug:

https://github.com/michaelrsweet/htmldoc/issues/423

References:
https://bugzilla.redhat.com/show_bug.cgi?id=1946289
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-20308
https://github.com/michaelrsweet/htmldoc/issues/423
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20308

Comment 1 Alexander Bergmann 2021-04-07 07:31:04 UTC

openSUSE:Factory and openSUSE:Leap:15.2 are also affected.

Comment 2 OBSbugzilla Bot 2021-06-01 03:00:03 UTC

This is an autogenerated message for OBS integration:
This bug (1184424) was mentioned in
https://build.opensuse.org/request/show/896496 15.2+Backports:SLE-12-SP1+Backports:SLE-15-SP1+Backports:SLE-15-SP2+Backports:SLE-15-SP3 / htmldoc

Comment 3 OBSbugzilla Bot 2021-06-01 07:30:03 UTC

This is an autogenerated message for OBS integration:
This bug (1184424) was mentioned in
https://build.opensuse.org/request/show/896576 Factory / htmldoc

Comment 4 OBSbugzilla Bot 2021-06-08 13:20:06 UTC

This is an autogenerated message for OBS integration:
This bug (1184424) was mentioned in
https://build.opensuse.org/request/show/898400 Backports:SLE-15-SP3 / htmldoc
https://build.opensuse.org/request/show/898404 Backports:SLE-15-SP2 / htmldoc
https://build.opensuse.org/request/show/898407 15.2 / htmldoc
https://build.opensuse.org/request/show/898413 Backports:SLE-12-SP1 / htmldoc
https://build.opensuse.org/request/show/898416 Backports:SLE-15-SP1 / htmldoc

Comment 5 Swamp Workflow Management 2021-06-16 20:06:15 UTC

openSUSE-SU-2021:0882-1: An update that fixes one vulnerability is now available.

Category: security (important)
Bug References: 1184424
CVE References: CVE-2021-20308
JIRA References: 
Sources used:
openSUSE Leap 15.2 (src):    htmldoc-1.9.12-lp152.4.3.1

Comment 6 Swamp Workflow Management 2021-06-17 22:16:31 UTC

openSUSE-SU-2021:0893-1: An update that fixes one vulnerability is now available.

Category: security (important)
Bug References: 1184424
CVE References: CVE-2021-20308
JIRA References: 
Sources used:
openSUSE Backports SLE-15-SP2 (src):    htmldoc-1.9.12-bp152.4.3.1

Comment 7 Swamp Workflow Management 2021-06-18 19:24:26 UTC

openSUSE-SU-2021:0895-1: An update that fixes one vulnerability is now available.

Category: security (important)
Bug References: 1184424
CVE References: CVE-2021-20308
JIRA References: 
Sources used:
openSUSE Backports SLE-15-SP1 (src):    htmldoc-1.9.12-bp151.4.3.1

Comment 8 OBSbugzilla Bot 2021-06-23 22:10:05 UTC

This is an autogenerated message for OBS integration:
This bug (1184424) was mentioned in
https://build.opensuse.org/request/show/901589 Backports:SLE-12-SP1 / htmldoc

Comment 9 Swamp Workflow Management 2021-07-08 19:36:31 UTC

openSUSE-SU-2021:0988-1: An update that fixes one vulnerability is now available.

Category: security (important)
Bug References: 1184424
CVE References: CVE-2021-20308
JIRA References: 
Sources used:
openSUSE Backports SLE-15-SP3 (src):    htmldoc-1.9.12-bp153.2.3.1

Comment 10 Swamp Workflow Management 2021-09-15 13:20:52 UTC

# maintenance_jira_update_notice
openSUSE-SU-2021:1266-1: An update that fixes one vulnerability is now available.

Category: security (important)
Bug References: 1184424
CVE References: CVE-2021-20308
JIRA References: 
Sources used:
SUSE Package Hub for SUSE Linux Enterprise 12 (src):    htmldoc-1.8.28-6.1

Comment 12 Petr Gajdos 2022-02-11 09:00:36 UTC

Package submitted into 11/htmldoc.

Comment 13 Swamp Workflow Management 2022-02-28 17:19:00 UTC

SUSE-SU-2022:14898-1: An update that fixes three vulnerabilities is now available.

Category: security (moderate)
Bug References: 1158802,1184424,1195758
CVE References: CVE-2019-19630,CVE-2021-20308,CVE-2022-0534
JIRA References: 
Sources used:
Subscription Management Tool for SUSE Linux Enterprise 11-SP3 (src):    htmldoc-1.8.27-170.4.9.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 14 Carlos López 2022-09-20 11:24:50 UTC

Done, closing.