Advisories » MGASA-2018-0044

Updated wayland packages fix security vulnerability

Publication date: 03 Jan 2018
Modification date: 03 Jan 2018
Type: security
Affected Mageia releases : 5 , 6

Description

It is possible to trigger heap overflows due to an integer overflow while
parsing images. The integer overflow occurs because the chosen limit
0x10000 for dimensions is too large for 32 bit systems, because each pixel
takes 4 bytes. Properly chosen values allow an overflow which in turn will
lead to less allocated memory than needed for subsequent reads
(rhbz#1522638).
                

References

• https://bugs.mageia.org/show_bug.cgi?id=22241
• https://lists.freedesktop.org/archives/wayland-devel/2017-November/035979.html
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/IXMOIFOO2UOSQM24VCICNJ4KXHAPBQ4D/

SRPMS

5/core

• wayland-1.6.0-2.1.mga5

6/core

• wayland-1.11.0-1.1.mga6