pixman: stack-based buffer overflow

Package(s): pixman
CVE #(s): CVE-2013-1591
Created: February 27, 2013
Updated: March 28, 2013
Description: From the Red Hat bugzilla:

Stack-based buffer overflow in libpixman, as used in Pale Moon before 15.4, has unspecified impact and attack vectors.

The upstream commit to correct this flaw:

http://cgit.freedesktop.org/pixman/commit...

The affected code (pixman/pixman-inlines.h, fast_composite_scaled_bilinear()) is present in the version of pixman shipped with Fedora 17 (0.24.4), but is not present in Red Hat Enterprise Linux 5 or 6 (the fast_composite_scaled_bilinear() function is in pixman/pixman-fast-path.h, but the vulnerable code is not there and I don't detect anything comparable). So it's likely that the vulnerable code was introduced after 0.22.0.

Alerts:
Fedora FEDORA-2013-2414 2013-02-27
Mageia MGASA-2013-0077 2013-03-01
Fedora FEDORA-2013-2450 2013-03-02
Red Hat RHSA-2013:0687-01 2013-03-27
CentOS CESA-2013:0687 2013-03-27
Oracle ELSA-2013-0687 2013-03-27
Scientific Linux SL-pixm-20130327 2013-03-27

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds