Bug 1198588 - (CVE-2022-24859) VUL-0: CVE-2022-24859: python-pypdf, python-PyPDF2: infinite loop vulnerability
(CVE-2022-24859)
VUL-0: CVE-2022-24859: python-pypdf, python-PyPDF2: infinite loop vulnerability
Status: NEW
Classification: openSUSE
Product: openSUSE Distribution
Classification: openSUSE
Component: Security
Leap 15.4
Other Other
: P3 - Medium : Minor (vote)
: ---
Assigned To: Simon Lees
Security Team bot
https://smash.suse.de/issue/329445/
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2022-04-19 08:28 UTC by Hu
Modified: 2022-04-19 09:15 UTC (History)
0 users

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Hu 2022-04-19 08:28:20 UTC
rh#2076488

PyPDF2 is an open source python PDF library capable of splitting, merging, cropping, and transforming the pages of PDF files. In versions prior to 1.27.5 an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop if the PyPDF2 if the code attempts to get the content stream. The reason is that the last while-loop in `ContentStream._readInlineImage` only terminates when it finds the `EI` token, but never actually checks if the stream has already ended. This issue has been resolved in version `1.27.5`. Users unable to upgrade should validate and PDFs prior to iterating over their content stream.

https://github.com/py-pdf/PyPDF2/security/advisories/GHSA-xcjx-m2pj-8g79
https://github.com/py-pdf/PyPDF2/pull/740
https://github.com/py-pdf/PyPDF2/issues/329
https://github.com/py-pdf/PyPDF2/releases/tag/1.27.5

References:
https://bugzilla.redhat.com/show_bug.cgi?id=2076488
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-24859
https://github.com/py-pdf/PyPDF2/security/advisories/GHSA-xcjx-m2pj-8g79
https://github.com/py-pdf/PyPDF2/issues/329
https://github.com/py-pdf/PyPDF2/releases/tag/1.27.5
https://github.com/py-pdf/PyPDF2/pull/740
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24859
Comment 1 Hu 2022-04-19 08:28:56 UTC
Affected:
- openSUSE:Backports:SLE-15-SP3/python-PyPDF2   1.26.0
- openSUSE:Backports:SLE-15-SP4/python-PyPDF2   1.26.0
- openSUSE:Factory/python-PyPDF2                1.26.0
- openSUSE:Backports:SLE-15-SP3/python-pypdf    1.13