CLD-185 Details
Other IDs this deficiency may be known by:
Basic Information:
Affected Package(s) | gimp |
Deficiency Type     | SECURITY |
Date Created        | 2017-12-21 09:51:06 |
Date Last Modified  | 2017-12-30 13:44:03 |
Version Specific Information:
Cucumber 1.0 i686   | fixed in gimp-2.8.22-i686-4 |
Cucumber 1.0 x86_64 | fixed in gimp-2.8.22-x86_64-4 and gimp-lib_i686-2.8.22-lib_i686-4 |
Cucumber 1.1 i686   | fixed in gimp-2.8.22-i686-4 |
Cucumber 1.1 x86_64 | fixed in gimp-2.8.22-x86_64-4 and gimp-lib_i686-2.8.22-lib_i686-4 |
Details:
=================================== Overview ===================================
From https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17784:
In GIMP 2.8.22, there is a heap-based buffer over-read in load_image in
plug-ins/common/file-gbr.c in the gbr import parser, related to mishandling of
UTF-8 data.
================================ Initial Report ================================
From Hanno Böck on GNOME Bugzilla
(https://bugzilla.gnome.org/show_bug.cgi?id=790784):
The attached sample file will cause a heap buffer overread in the gbr import
parser. This can be detected with address sanitizer.
I haven't fully analyzed it, but judging on the function names it looks like
either malformed utf8 or a non-terminated string is causing this (may be
similar to #790783).
============================ Additional Information ============================
See http://www.openwall.com/lists/oss-security/2017/12/19/5
================================= Our Analysis =================================
----- Affected Products -----
Versions of GIMP up to and including 2.8.22 are affected by this
vulnerability. This includes GIMP as originally packaged in Cucumber Linux 1.0
and 1.1. As of the writing of this analysis (Thu Dec 21 11:13:35 EST 2017),
2.8.22 is the latest stable version of GIMP; future releases may or may not be
affected.
A patch was released on 2017-12-21 11:29:24 (GMT) fixing this vulnerability. It
can be found at
https://git.gnome.org/browse/gimp/commit/?id=c57f9dcf1934a9ab0cd67650f2dea18cb0902270.
----- Scope and Impact of this Vulnerability -----
This vulnerability can result in a heap buffer over-read when the gbr import
parser loads a malformed file.
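The overview and the initial report point at the same two root causes for this
class of bug: a name string in the file header that is not NUL-terminated, or
that is not valid UTF-8, being handled with unbounded string routines. The
following is an added example written for this advisory; it is not GIMP's
code and does not reproduce the real .gbr header layout. It parses a
constructed toy header (a 4-byte big-endian name length followed by the name
bytes) the defensive way: the declared length is checked against the buffer,
the terminator is searched with a bounded memchr() rather than strlen(), and
UTF-8 is validated only within the terminated span, so a malformed file is
rejected instead of read past its end.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed example, not GIMP's code. Toy header: 4-byte big-endian name
 * length, then that many name bytes that must contain a NUL and be UTF-8. */

/* Returns 1 if the first `len` bytes of `s` are well-formed UTF-8 (shortest
 * form, no surrogates, <= U+10FFFF). Never reads beyond `len`. */
static int utf8_valid_bounded(const unsigned char *s, size_t len)
{
    size_t i = 0;
    while (i < len) {
        unsigned char c = s[i];
        size_t need;                         /* continuation bytes expected */
        unsigned char lo = 0x80, hi = 0xBF;  /* allowed range of 2nd byte   */
        if (c < 0x80) { i++; continue; }
        if (c >= 0xC2 && c <= 0xDF) {
            need = 1;
        } else if (c >= 0xE0 && c <= 0xEF) {
            need = 2;
            if (c == 0xE0) lo = 0xA0;        /* reject overlong encodings   */
            if (c == 0xED) hi = 0x9F;        /* reject UTF-16 surrogates    */
        } else if (c >= 0xF0 && c <= 0xF4) {
            need = 3;
            if (c == 0xF0) lo = 0x90;        /* reject overlong encodings   */
            if (c == 0xF4) hi = 0x8F;        /* reject code points > 10FFFF */
        } else {
            return 0;                        /* 0x80-0xC1, 0xF5-0xFF: never a lead byte */
        }
        if (need > len - i - 1) return 0;    /* sequence would run past the field */
        if (s[i + 1] < lo || s[i + 1] > hi) return 0;
        for (size_t k = 2; k <= need; k++)
            if (s[i + k] < 0x80 || s[i + k] > 0xBF) return 0;
        i += need + 1;
    }
    return 1;
}

typedef enum {
    NAME_OK,
    NAME_TRUNCATED_HEADER,  /* buffer shorter than the header claims */
    NAME_NO_NUL,            /* no terminator inside the declared field */
    NAME_BAD_UTF8,          /* terminator found, but bytes are not UTF-8 */
    NAME_TOO_LONG           /* valid, but does not fit the caller's buffer */
} name_status;

/* Parse the name field out of buf[0..buflen). Every read is bounded by
 * buflen and by the declared field length; nothing relies on a NUL being
 * present in the input. */
name_status parse_name(const unsigned char *buf, size_t buflen,
                       char *out, size_t outsz)
{
    if (buflen < 4) return NAME_TRUNCATED_HEADER;
    uint32_t name_len = ((uint32_t)buf[0] << 24) | ((uint32_t)buf[1] << 16) |
                        ((uint32_t)buf[2] << 8)  |  (uint32_t)buf[3];
    if (name_len > buflen - 4) return NAME_TRUNCATED_HEADER; /* claims more than we have */

    const unsigned char *name = buf + 4;
    /* memchr() stops at name_len; strlen() here would keep going past the
     * field (and the heap allocation) whenever the file omits the NUL. */
    const unsigned char *nul = memchr(name, 0, name_len);
    if (nul == NULL) return NAME_NO_NUL;

    size_t n = (size_t)(nul - name);
    if (!utf8_valid_bounded(name, n)) return NAME_BAD_UTF8;
    if (n + 1 > outsz) return NAME_TOO_LONG;
    memcpy(out, name, n);
    out[n] = '\0';
    return NAME_OK;
}

/* Constructed sample headers (hypothetical input, not real .gbr files). */
const unsigned char SAMPLE_GOOD[]     = {0, 0, 0, 6, 'b', 'r', 'u', 's', 'h', 0};
const unsigned char SAMPLE_UTF8[]     = {0, 0, 0, 6, 'c', 'a', 'f', 0xC3, 0xA9, 0};
const unsigned char SAMPLE_NO_NUL[]   = {0, 0, 0, 5, 'b', 'r', 'u', 's', 'h'};
const unsigned char SAMPLE_BAD_UTF8[] = {0, 0, 0, 4, 0xC3, 0x28, 'x', 0};
const unsigned char SAMPLE_TRUNC[]    = {0, 0, 0, 16, 'a', 'b', 'c', 0};

/* Small wrapper so results can be checked without the caller owning a buffer. */
static char g_last_name[64];
name_status demo_parse(const unsigned char *buf, size_t buflen)
{
    return parse_name(buf, buflen, g_last_name, sizeof g_last_name);
}
const char *demo_last_name(void) { return g_last_name; }

int main(void)
{
    static const char *labels[] = {"OK", "TRUNCATED_HEADER", "NO_NUL", "BAD_UTF8", "TOO_LONG"};
    printf("good:     %s (%s)\n", labels[demo_parse(SAMPLE_GOOD, sizeof SAMPLE_GOOD)], demo_last_name());
    printf("utf8:     %s (%s)\n", labels[demo_parse(SAMPLE_UTF8, sizeof SAMPLE_UTF8)], demo_last_name());
    printf("no nul:   %s\n", labels[demo_parse(SAMPLE_NO_NUL, sizeof SAMPLE_NO_NUL)]);
    printf("bad utf8: %s\n", labels[demo_parse(SAMPLE_BAD_UTF8, sizeof SAMPLE_BAD_UTF8)]);
    printf("trunc:    %s\n", labels[demo_parse(SAMPLE_TRUNC, sizeof SAMPLE_TRUNC)]);
    return 0;
}
```

The two checks that matter are the ones a sanitizer would flag if they were
missing: the declared length is compared against the bytes actually in memory
before it is used as a bound, and the terminator search and the UTF-8 walk are
both limited by that bound rather than by trusting the file to contain a NUL.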
----- Fix for this Vulnerability -----
This vulnerability can be fixed by applying the patch at
https://git.gnome.org/browse/gimp/commit/?id=c57f9dcf1934a9ab0cd67650f2dea18cb0902270.
================================= Our Solution =================================
We have applied the aforementioned patch and rebuilt GIMP.