SB2024080703 - Gentoo update for libXpm

Description

This security bulletin contains information about 5 secuirty vulnerabilities.

1) Untrusted search path (CVE-ID: CVE-2022-4883)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to libXpm relies on the $PATH variable to run the command responsible for decompressing .Z or .gz files. A local user can execute arbitrary code with elevated privileges.

2) Infinite loop (CVE-ID: CVE-2022-44617)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to infinite loop within the ParsePixels() function when handling XPM files with width set to 0 and a very large height value. A remote attacker can trick the victim to open a specially crafted XPM file and perform a denial of service (DoS) attack.

3) Infinite loop (CVE-ID: CVE-2022-46285)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to infinite loop when handling unclosed comments in XPM images within the ParseComment() function. A remote attacker can trick the victim to open a specially crafted image and cause denial of service conditions.

4) Out-of-bounds read (CVE-ID: CVE-2023-43788)

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition within the XpmCreateXpmImageFromBuffer() function. A local user can trigger an out-of-bounds read error and read contents of memory on the system.

5) Out-of-bounds read (CVE-ID: CVE-2023-43789)

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition. A local user can trigger an out-of-bounds read error and read contents of memory on the system.

Remediation

Install update from vendor's website.

References

• https://security.gentoo.org/glsa/202408-03