There is a NULL pointer dereference in the AnnotPath::getCoordsLength function in Annot.h in an Ubuntu package for Poppler 0.24.5. A crafted input will lead to a remote denial of service attack. Later Ubuntu packages such as for Poppler 0.41.0 are not affected.
Weakness
The product dereferences a pointer that it expects to be valid but is NULL.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Poppler | Freedesktop | * | 0.41.0 (excluding) |
| Red Hat Enterprise Linux 7 | RedHat | accountsservice-0:0.6.50-2.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | adwaita-icon-theme-0:3.28.0-1.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | appstream-data-0:7-20180614.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | atk-0:2.28.1-1.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | at-spi2-atk-0:2.26.2-1.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | at-spi2-core-0:2.28.0-1.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | baobab-0:3.28.0-2.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | bolt-0:0.4-3.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | brasero-0:3.12.2-5.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | cairo-0:1.15.12-3.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | cheese-2:3.28.0-1.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | clutter-gst3-0:3.0.26-1.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | compat-exiv2-023-0:0.23-2.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | control-center-1:3.28.1-4.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | dconf-0:0.28.0-4.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | dconf-editor-0:3.28.0-1.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | devhelp-1:3.28.1-1.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | ekiga-0:4.0.1-8.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | empathy-0:3.12.13-1.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | eog-0:3.28.3-1.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | evince-0:3.28.2-5.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | evolution-0:3.28.5-2.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | evolution-data-server-0:3.28.5-1.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | evolution-ews-0:3.28.5-1.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | evolution-mapi-0:3.28.3-2.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | file-roller-0:3.28.1-2.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | flatpak-0:1.0.2-2.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | folks-1:0.11.4-1.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | fontconfig-0:2.13.0-4.3.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | freetype-0:2.8-12.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | fribidi-0:1.0.2-1.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | fwupd-0:1.0.8-4.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | fwupdate-0:12-5.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | gcr-0:3.28.0-1.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | gdk-pixbuf2-0:2.36.12-3.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | gdm-1:3.28.2-9.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | gedit-2:3.28.1-1.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | gedit-plugins-0:3.28.1-1.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | geoclue2-0:2.4.8-1.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | geocode-glib-0:3.26.0-2.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | gjs-0:1.52.3-1.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | glade-0:3.22.1-1.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | glib2-0:2.56.1-2.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | glibmm24-0:2.56.0-1.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | glib-networking-0:2.56.1-1.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | gnome-backgrounds-0:3.28.0-1.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | gnome-bluetooth-1:3.28.2-1.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | gnome-boxes-0:3.28.5-2.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | gnome-calculator-0:3.28.2-1.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | gnome-clocks-0:3.28.0-1.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | gnome-color-manager-0:3.28.0-1.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | gnome-contacts-0:3.28.2-1.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | gnome-desktop3-0:3.28.2-2.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | gnome-devel-docs-0:3.28.0-1.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | gnome-dictionary-0:3.26.1-2.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | gnome-disk-utility-0:3.28.3-1.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | gnome-documents-0:3.28.2-1.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | gnome-font-viewer-0:3.28.0-1.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | gnome-getting-started-docs-0:3.28.2-1.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | gnome-initial-setup-0:3.28.0-1.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | gnome-keyring-0:3.28.2-1.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | gnome-online-accounts-0:3.28.0-1.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | gnome-online-miners-0:3.26.0-1.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | gnome-packagekit-0:3.28.0-1.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | gnome-screenshot-0:3.26.0-1.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | gnome-session-0:3.28.1-5.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | gnome-settings-daemon-0:3.28.1-2.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | gnome-shell-0:3.28.3-6.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | gnome-shell-extensions-0:3.28.1-5.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | gnome-software-0:3.28.2-3.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | gnome-system-monitor-0:3.28.2-1.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | gnome-terminal-0:3.28.2-2.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | gnome-themes-standard-0:3.28-2.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | gnome-tweak-tool-0:3.28.1-2.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | gnome-user-docs-0:3.28.2-1.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | gnote-0:3.28.0-1.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | gobject-introspection-0:1.56.1-1.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | gom-0:0.3.3-1.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | google-noto-emoji-fonts-0:20180508-4.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | grilo-0:0.3.6-1.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | grilo-plugins-0:0.3.7-1.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | gsettings-desktop-schemas-0:3.28.0-2.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | gspell-0:1.6.1-1.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | gssdp-0:1.0.2-1.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | gstreamer1-plugins-base-0:1.10.4-2.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | gtk3-0:3.22.30-3.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | gtk-doc-0:1.28-2.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | gtksourceview3-0:3.24.8-1.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | gucharmap-0:10.0.4-1.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | gupnp-0:1.0.2-5.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | gupnp-igd-0:0.2.5-2.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | gvfs-0:1.36.2-1.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | harfbuzz-0:1.7.5-2.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | json-glib-0:1.4.2-2.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | libappstream-glib-0:0.7.8-2.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | libchamplain-0:0.12.16-2.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | libcroco-0:0.6.12-4.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | libgdata-0:0.17.9-1.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | libgee-0:0.20.1-1.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | libgepub-0:0.6.0-1.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | libgexiv2-0:0.10.8-1.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | libgnomekbd-0:3.26.0-1.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | libgovirt-0:0.3.4-1.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | libgtop2-0:2.38.0-3.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | libgweather-0:3.28.2-2.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | libgxps-0:0.3.0-4.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | libical-0:3.0.3-2.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | libjpeg-turbo-0:1.2.90-6.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | libmediaart-0:1.9.4-1.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | libosinfo-0:1.1.0-2.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | libpeas-0:1.22.0-1.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | librsvg2-0:2.40.20-1.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | libsecret-0:0.18.6-1.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | libsoup-0:2.62.2-2.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | libwnck3-0:3.24.1-2.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | mozjs52-0:52.9.0-1.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | mutter-0:3.28.3-4.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | nautilus-0:3.26.3.1-2.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | nautilus-sendto-1:3.8.6-1.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | openchange-0:2.3-3.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | osinfo-db-0:20180531-1.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | PackageKit-0:1.1.10-1.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | pango-0:1.42.4-1.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | poppler-0:0.26.5-20.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | pyatspi-0:2.26.0-3.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | redhat-logos-0:70.0.3-7.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | rest-0:0.8.1-2.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | rhythmbox-0:3.4.2-2.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | seahorse-nautilus-0:3.11.92-11.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | shotwell-0:0.28.4-1.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | sushi-0:3.28.3-1.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | totem-1:3.26.2-1.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | totem-pl-parser-0:3.26.1-1.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | upower-0:0.99.7-1.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | vala-0:0.40.8-1.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | vino-0:3.22.0-7.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | vte291-0:0.52.2-2.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | wayland-0:1.15.0-1.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | wayland-protocols-0:1.14-1.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | webkitgtk4-0:2.20.5-1.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | xdg-desktop-portal-0:1.0.2-1.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | xdg-desktop-portal-gtk-0:1.0.2-1.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | yelp-2:3.28.1-1.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | yelp-tools-0:3.28.0-1.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | yelp-xsl-0:3.28.0-1.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | zenity-0:3.28.1-1.el7 | * |
| Poppler | Ubuntu | trusty | * |
Potential Mitigations
References
- https://access.redhat.com/errata/RHBA-2019:0327
- https://access.redhat.com/errata/RHSA-2018:3140
- https://access.redhat.com/errata/RHSA-2018:3505
- https://bugs.freedesktop.org/show_bug.cgi?id=106408
- https://lists.debian.org/debian-lts-announce/2018/10/msg00024.html
- https://usn.ubuntu.com/3647-1/
- https://access.redhat.com/errata/RHBA-2019:0327
- https://access.redhat.com/errata/RHSA-2018:3140
- https://access.redhat.com/errata/RHSA-2018:3505
- https://bugs.freedesktop.org/show_bug.cgi?id=106408
- https://lists.debian.org/debian-lts-announce/2018/10/msg00024.html
- https://usn.ubuntu.com/3647-1/