Bug#860788: jbig2dec: CVE-2017-7975: Out-of-bound memory write vulnerability due to integer overflow in function jbig2_build_huffman_table



Control: tags -1 + fixed-upstream

On Thu, Apr 20, 2017 at 08:15:29AM +0200, Salvatore Bonaccorso wrote:
> Source: jbig2dec
> Version: 0.13-4
> Severity: important
> Tags: upstream security
> Forwarded: https://bugs.ghostscript.com/show_bug.cgi?id=697693
> Control: found -1 0.13-4~deb8u1
> 
> Hi,
> 
> the following vulnerability was published for jbig2dec.
> 
> CVE-2017-7975[0]:
> | Artifex jbig2dec 0.13, as used in Ghostscript, allows out-of-bounds
> | writes because of an integer overflow in the jbig2_build_huffman_table
> | function in jbig2_huffman.c during operations on a crafted JBIG2 file,
> | leading to a denial of service (application crash) or possibly
> | execution of arbitrary code.

Fixed in
http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=5e57e483298dae8b

Regards,
Salvatore

