SB2019051565 - Fedora 29 update for mupdf




Published: May 15, 2019 Updated: April 25, 2025

Security Bulletin ID: SB2019051565
Severity: Medium
Patch available: YES
Number of vulnerabilities: 4
Exploitation vector: Remote access
Highest impact: Denial of service

Breakdown by Severity

Medium 100%

Description

This security bulletin contains information about 4 security vulnerabilities.


1) Resource exhaustion (CVE-ID: CVE-2018-19881)

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

In Artifex MuPDF 1.14.0, svg/svg-run.c allows remote attackers to cause a denial of service (recursive calls followed by a fitz/xml.c fz_xml_att crash from excessive stack consumption) via a crafted svg file, as demonstrated by mupdf-gl.


2) NULL pointer dereference (CVE-ID: CVE-2018-19882)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error. A remote attacker can trigger denial of service conditions via a crafted svg file, as demonstrated by mupdf-gl.


3) Input validation error (CVE-ID: CVE-2019-6130)

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

Artifex MuPDF 1.14.0 has a SEGV in the function fz_load_page of the fitz/document.c file, as demonstrated by mutool. This is related to page-number mishandling in cbz/mucbz.c, cbz/muimg.c, and svg/svg-doc.c.


4) Resource management error (CVE-ID: CVE-2019-6131)

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

svg-run.c in Artifex MuPDF 1.14.0 has infinite recursion with stack consumption in svg_run_use_symbol, svg_run_element, and svg_run_use, as demonstrated by mutool.


Remediation

Install the update from the vendor's website.