user/djvulibre: multiple vulnerabilities
Bugzilla ID | 185 |
Alias(es) | CVE-2019-15142, CVE-2019-15143, CVE-2019-15144, CVE-2019-15145 |
Reporter | Max Rees (sroracle) |
Assignee | Max Rees (sroracle) |
Reported | 2019-08-21 15:18:59 -0500 |
Modified | 2019-09-28 13:37:52 -0500 |
Status | RESOLVED FIXED |
Version | 1.0-BETA3 |
Hardware | Adélie Linux / All |
Importance | --- / normal |
Description
CVE-2019-15142: https://nvd.nist.gov/vuln/detail/CVE-2019-15142
In DjVuLibre 3.5.27, DjVmDir.cpp in the DJVU reader component allows
attackers to cause a denial-of-service (application crash in
GStringRep::strdup in libdjvu/GString.cpp caused by a heap-based
buffer over-read) by crafting a DJVU file.

CVE-2019-15143: https://nvd.nist.gov/vuln/detail/CVE-2019-15143
In DjVuLibre 3.5.27, the bitmap reader component allows attackers to
cause a denial-of-service error (resource exhaustion caused by a
GBitmap::read_rle_raw infinite loop) by crafting a corrupted image
file, related to libdjvu/DjVmDir.cpp and libdjvu/GBitmap.cpp.

CVE-2019-15144: https://nvd.nist.gov/vuln/detail/CVE-2019-15144
In DjVuLibre 3.5.27, the sorting functionality (aka
GArrayTemplate::sort) allows attackers to cause a
denial-of-service (application crash due to an Uncontrolled
Recursion) by crafting a PBM image file that is mishandled in
libdjvu/GContainer.h.