tags 778261 - moreinfo
forwarded 778261 https://bugzilla.gnome.org/show_bug.cgi?id=749674
thanks

A short summary about what happened so far:

I asked for additional information by sending an e-mail to Red Hat's bug
tracker.

https://bugzilla.redhat.com/show_bug.cgi?id=852481

I was contacted by Stefan Cornelius from the Red Hat security team and
he sent me a reproducer for this vulnerability. This one is not intended
for public use, so interested parties who would like to fix this issue
should contact

        [email protected]

and ask for it there.

I have reported this issue upstream.

https://bugzilla.gnome.org/show_bug.cgi?id=749674


Red Hat has already closed this bug report again and marked it as
"wontfix". This means they "deem the overall real world risks to
be very low and have no immediate plans to fix the issue."

I think it is quite unlikely that someone is able to exploit this
vulnerability remotely. It might be possible to send someone a specially
crafted .byzanz file and possibly execute arbitrary code. The producer
which I have received causes a segmentation fault.

However .byzanz files are only used for debugging purposes and more
targeted at developers or benchmarks. A user also has to convert the
.byzanz file to a gif file with byzanz playback like this

        byzanz-playback test.byzanz test.gif


I haven't heard anything from upstream so far. I consider the overall
risk being low but this is still a bug that should be fixed. If someone
can come up with a patch, please let me know.

Markus

Attachment: signature.asc
Description: OpenPGP digital signature

Reply via email to