Bug#1084056: libgsf: CVE-2024-36474 CVE-2024-42415
Source: libgsf X-Debbugs-CC: t...@security.debian.org Severity: grave Tags: security
Hi, The following vulnerabilities were published for libgsf. CVE-2024-36474[0]: | An integer overflow vulnerability exists in the Compound Document | Binary File format parser of the GNOME Project G Structured File | Library (libgsf) version v1.14.52. A specially crafted file can | result in an integer overflow when processing the directory from the | file that allows for an out-of-bounds index to be used when reading | and writing to an array. This can lead to arbitrary code execution. | An attacker can provide a malicious file to trigger this | vulnerability. https://talosintelligence.com/vulnerability_reports/TALOS-2024-2068 CVE-2024-42415[1]: | An integer overflow vulnerability exists in the Compound Document | Binary File format parser of v1.14.52 of the GNOME Project G | Structured File Library (libgsf). A specially crafted file can | result in an integer overflow that allows for a heap-based buffer | overflow when processing the sector allocation table. This can lead | to arbitrary code execution. An attacker can provide a malicious | file to trigger this vulnerability. https://talosintelligence.com/vulnerability_reports/TALOS-2024-2069 Both are tracked/fixed upstream via: https://gitlab.gnome.org/GNOME/libgsf/-/issues/34 https://gitlab.gnome.org/GNOME/libgsf/-/commit/06d0cb92a4c02e7126ef2ff6f5e29fd74b4be9e0 If you fix the vulnerabilities please also make sure to include the CVE (Common Vulnerabilities & Exposures) ids in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2024-36474 https://www.cve.org/CVERecord?id=CVE-2024-36474 [1] https://security-tracker.debian.org/tracker/CVE-2024-42415 https://www.cve.org/CVERecord?id=CVE-2024-42415 Please adjust the affected versions in the BTS as needed.
Read more here: Source link