CVE-2019-20326 - OpenCVE

A heap-based buffer overflow in _cairo_image_surface_create_from_jpeg() in extensions/cairo_io/cairo-image-surface-jpeg.c in GNOME gThumb before 3.8.3 and Linux Mint Pix before 2.4.5 allows attackers to cause a crash and potentially execute arbitrary code via a crafted JPEG file.

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:M/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Debian	Debian Linux
Gnome	Gthumb
Linuxmint	Pix

Configuration 1 [-]

cpe:2.3:a:gnome:gthumb:*:*:*:*:*:*:*:*

Configuration 2 [-]

cpe:2.3:a:linuxmint:pix:*:*:*:*:*:*:*:*

Configuration 3 [-]

cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

References

Link	Resource
https://github.com/Fysac/CVE-2019-20326	Exploit Third Party Advisory
https://gitlab.gnome.org/GNOME/gthumb/commit/4faa5ce2358812d23a1147953ee76f59631590ad	Patch Vendor Advisory
https://gitlab.gnome.org/GNOME/gthumb/commit/ca8f528209ab78935c30e42fe53bdf1a24f3cb44	Vendor Advisory
https://gitlab.gnome.org/GNOME/gthumb/commits/master/extensions/cairo_io/cairo-image-surface-jpeg.c	Vendor Advisory
https://lists.debian.org/debian-lts-announce/2021/08/msg00027.html	Mailing List Third Party Advisory
https://security.gentoo.org/glsa/202008-05	Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2020-03-16T21:33:36

Updated: 2021-08-29T02:06:06

Reserved: 2020-01-02T00:00:00

Link: CVE-2019-20326

JSON object: View

NVD Information

Status : Analyzed

Published: 2020-03-16T22:15:14.590

Modified: 2021-09-14T13:28:47.523

Link: CVE-2019-20326

JSON object: View

Redhat Information

No data.

CWE

CWE-787

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2019-12-23T00:00:00", "descriptions": [{"lang": "en", "value": "A heap-based buffer overflow in _cairo_image_surface_create_from_jpeg() in extensions/cairo_io/cairo-image-surface-jpeg.c in GNOME gThumb before 3.8.3 and Linux Mint Pix before 2.4.5 allows attackers to cause a crash and potentially execute arbitrary code via a crafted JPEG file."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-08-29T02:06:06", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://gitlab.gnome.org/GNOME/gthumb/commit/4faa5ce2358812d23a1147953ee76f59631590ad"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://gitlab.gnome.org/GNOME/gthumb/commit/ca8f528209ab78935c30e42fe53bdf1a24f3cb44"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://gitlab.gnome.org/GNOME/gthumb/commits/master/extensions/cairo_io/cairo-image-surface-jpeg.c"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/Fysac/CVE-2019-20326"}, {"name": "GLSA-202008-05", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "https://security.gentoo.org/glsa/202008-05"}, {"name": "[debian-lts-announce] 20210829 [SECURITY] [DLA 2749-1] gthumb security update", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.debian.org/debian-lts-announce/2021/08/msg00027.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-20326", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A heap-based buffer overflow in _cairo_image_surface_create_from_jpeg() in extensions/cairo_io/cairo-image-surface-jpeg.c in GNOME gThumb before 3.8.3 and Linux Mint Pix before 2.4.5 allows attackers to cause a crash and potentially execute arbitrary code via a crafted JPEG file."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://gitlab.gnome.org/GNOME/gthumb/commit/4faa5ce2358812d23a1147953ee76f59631590ad", "refsource": "CONFIRM", "url": "https://gitlab.gnome.org/GNOME/gthumb/commit/4faa5ce2358812d23a1147953ee76f59631590ad"}, {"name": "https://gitlab.gnome.org/GNOME/gthumb/commit/ca8f528209ab78935c30e42fe53bdf1a24f3cb44", "refsource": "CONFIRM", "url": "https://gitlab.gnome.org/GNOME/gthumb/commit/ca8f528209ab78935c30e42fe53bdf1a24f3cb44"}, {"name": "https://gitlab.gnome.org/GNOME/gthumb/commits/master/extensions/cairo_io/cairo-image-surface-jpeg.c", "refsource": "CONFIRM", "url": "https://gitlab.gnome.org/GNOME/gthumb/commits/master/extensions/cairo_io/cairo-image-surface-jpeg.c"}, {"name": "https://github.com/Fysac/CVE-2019-20326", "refsource": "MISC", "url": "https://github.com/Fysac/CVE-2019-20326"}, {"name": "GLSA-202008-05", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202008-05"}, {"name": "[debian-lts-announce] 20210829 [SECURITY] [DLA 2749-1] gthumb security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2021/08/msg00027.html"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2019-20326", "datePublished": "2020-03-16T21:33:36", "dateReserved": "2020-01-02T00:00:00", "dateUpdated": "2021-08-29T02:06:06", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:gnome:gthumb:*:*:*:*:*:*:*:*", "matchCriteriaId": "6B6A7E3B-D8F5-44A2-9EA3-6D06F326443F", "versionEndExcluding": "3.8.3", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:linuxmint:pix:*:*:*:*:*:*:*:*", "matchCriteriaId": "F18A0651-13F3-4CDB-9026-8A4296186730", "versionEndExcluding": "2.4.5", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A heap-based buffer overflow in _cairo_image_surface_create_from_jpeg() in extensions/cairo_io/cairo-image-surface-jpeg.c in GNOME gThumb before 3.8.3 and Linux Mint Pix before 2.4.5 allows attackers to cause a crash and potentially execute arbitrary code via a crafted JPEG file."}, {"lang": "es", "value": "Un desbordamiento de b\u00fafer en la regi\u00f3n heap de la memoria en la funci\u00f3n _cairo_image_surface_create_from_jpeg() en el archivo extensions/cairo_io/cairo-image-surface-jpeg.c en GNOME gThumb versiones anteriores a 3.8.3 y Linux Mint Pix versiones anteriores a 2.4.5, permite a atacantes causar un bloqueo y ejecutar potencialmente c\u00f3digo arbitrario por medio de un archivo JPEG dise\u00f1ado."}], "id": "CVE-2019-20326", "lastModified": "2021-09-14T13:28:47.523", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-03-16T22:15:14.590", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory"], "url": "https://github.com/Fysac/CVE-2019-20326"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "https://gitlab.gnome.org/GNOME/gthumb/commit/4faa5ce2358812d23a1147953ee76f59631590ad"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://gitlab.gnome.org/GNOME/gthumb/commit/ca8f528209ab78935c30e42fe53bdf1a24f3cb44"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://gitlab.gnome.org/GNOME/gthumb/commits/master/extensions/cairo_io/cairo-image-surface-jpeg.c"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2021/08/msg00027.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://security.gentoo.org/glsa/202008-05"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}]}