Vulnerabilities > CVE-2019-1010238 - Out-of-bounds Write vulnerability in multiple products
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
Gnome Pango 1.42 and later is affected by: Buffer Overflow. The impact is: The heap based buffer overflow can be used to get code execution. The component is: function name: pango_log2vis_get_embedding_levels, assignment of nchars and the loop condition. The attack vector is: Bug can be used when application pass invalid utf-8 strings to functions like pango_itemize.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Nessus
NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-4081-1.NASL description It was discovered that Pango incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 127798 published 2019-08-12 reporter Ubuntu Security Notice (C) 2019-2020 Canonical, Inc. / NASL script (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/127798 title Ubuntu 19.04 : pango1.0 vulnerability (USN-4081-1) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2019-2582.NASL description An update for pango is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Pango is a library for laying out and rendering of text, with an emphasis on internationalization. Pango forms the core of text and font handling for the GTK+ widget toolkit. Security Fix(es) : * pango: pango_log2vis_get_embedding_levels() heap-based buffer overflow (CVE-2019-1010238) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. last seen 2020-06-01 modified 2020-06-02 plugin id 128408 published 2019-08-30 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/128408 title RHEL 8 : pango (RHSA-2019:2582) NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-201909-03.NASL description The remote host is affected by the vulnerability described in GLSA-201909-03 (Pango: Buffer overflow) A buffer overflow has been discovered in Pango’s pango_log2vis_get_embedding_levels function. Impact : A remote attacker could entice a user to process a specially crafted string with functions like pango_itemize, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 128592 published 2019-09-09 reporter This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/128592 title GLSA-201909-03 : Pango: Buffer overflow NASL family NewStart CGSL Local Security Checks NASL id NEWSTART_CGSL_NS-SA-2019-0191_PANGO.NASL description The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has pango packages installed that are affected by a vulnerability: - Gnome Pango 1.42 and later is affected by: Buffer Overflow. The impact is: The heap based buffer overflow can be used to get code execution. The component is: function name: pango_log2vis_get_embedding_levels, assignment of nchars and the loop condition. The attack vector is: Bug can be used when application pass invalid utf-8 strings to functions like pango_itemize. (CVE-2019-1010238) Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-06-01 modified 2020-06-02 plugin id 129893 published 2019-10-15 reporter This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/129893 title NewStart CGSL CORE 5.04 / MAIN 5.04 : pango Vulnerability (NS-SA-2019-0191) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2019-2582.NASL description From Red Hat Security Advisory 2019:2582 : An update for pango is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Pango is a library for laying out and rendering of text, with an emphasis on internationalization. Pango forms the core of text and font handling for the GTK+ widget toolkit. Security Fix(es) : * pango: pango_log2vis_get_embedding_levels() heap-based buffer overflow (CVE-2019-1010238) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. last seen 2020-06-01 modified 2020-06-02 plugin id 128405 published 2019-08-30 reporter This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/128405 title Oracle Linux 8 : pango (ELSA-2019-2582) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2019-3234.NASL description An update for pango is now available for Red Hat Enterprise Linux 7.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Pango is a library for laying out and rendering of text, with an emphasis on internationalization. Pango forms the core of text and font handling for the GTK+ widget toolkit. Security Fix(es) : * pango: pango_log2vis_get_embedding_levels() heap-based buffer overflow (CVE-2019-1010238) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. last seen 2020-06-01 modified 2020-06-02 plugin id 130381 published 2019-10-30 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/130381 title RHEL 7 : pango (RHSA-2019:3234) NASL family Huawei Local Security Checks NASL id EULEROS_SA-2019-2344.NASL description According to the version of the pango package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - Gnome Pango 1.42 and later is affected by: Buffer Overflow. The impact is: The heap based buffer overflow can be used to get code execution. The component is: function name: pango_log2vis_get_embedding_levels, assignment of nchars and the loop condition. The attack vector is: Bug can be used when application pass invalid utf-8 strings to functions like pango_itemize.(CVE-2019-1010238) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 131509 published 2019-12-03 reporter This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/131509 title EulerOS Virtualization for ARM 64 3.0.3.0 : pango (EulerOS-SA-2019-2344) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2019-2571.NASL description An update for pango is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Pango is a library for laying out and rendering of text, with an emphasis on internationalization. Pango forms the core of text and font handling for the GTK+ widget toolkit. Security Fix(es) : * pango: pango_log2vis_get_embedding_levels() heap-based buffer overflow (CVE-2019-1010238) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. last seen 2020-06-01 modified 2020-06-02 plugin id 128407 published 2019-08-30 reporter This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/128407 title RHEL 7 : pango (RHSA-2019:2571) NASL family Huawei Local Security Checks NASL id EULEROS_SA-2019-2088.NASL description According to the version of the pango packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Gnome Pango 1.42 and later is affected by: Buffer Overflow. The impact is: The heap based buffer overflow can be used to get code execution. The component is: function name: pango_log2vis_get_embedding_levels, assignment of nchars and the loop condition. The attack vector is: Bug can be used when application pass invalid utf-8 strings to functions like pango_itemize.(CVE-2019-1010238) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-05-03 modified 2019-09-30 plugin id 129447 published 2019-09-30 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/129447 title EulerOS 2.0 SP8 : pango (EulerOS-SA-2019-2088) NASL family Scientific Linux Local Security Checks NASL id SL_20190828_PANGO_ON_SL7_X.NASL description Security Fix(es) : - pango: pango_log2vis_get_embedding_levels() heap-based buffer overflow (CVE-2019-1010238) last seen 2020-03-18 modified 2019-08-29 plugin id 128311 published 2019-08-29 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/128311 title Scientific Linux Security Update : pango on SL7.x x86_64 (20190828) NASL family Fedora Local Security Checks NASL id FEDORA_2019-547BE4A683.NASL description Security fix for CVE-2019-1010238 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 128040 published 2019-08-21 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/128040 title Fedora 30 : pango (2019-547be4a683) NASL family Fedora Local Security Checks NASL id FEDORA_2019-155E34DF5A.NASL description Security fix for CVE-2019-1010238 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 128432 published 2019-09-03 reporter This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/128432 title Fedora 29 : pango (2019-155e34df5a) NASL family NewStart CGSL Local Security Checks NASL id NEWSTART_CGSL_NS-SA-2019-0232_PANGO.NASL description The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has pango packages installed that are affected by a vulnerability: - Gnome Pango 1.42 and later is affected by: Buffer Overflow. The impact is: The heap based buffer overflow can be used to get code execution. The component is: function name: pango_log2vis_get_embedding_levels, assignment of nchars and the loop condition. The attack vector is: Bug can be used when application pass invalid utf-8 strings to functions like pango_itemize. (CVE-2019-1010238) Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-06-01 modified 2020-06-02 plugin id 132477 published 2019-12-31 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/132477 title NewStart CGSL CORE 5.05 / MAIN 5.05 : pango Vulnerability (NS-SA-2019-0232) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2019-2571.NASL description From Red Hat Security Advisory 2019:2571 : An update for pango is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Pango is a library for laying out and rendering of text, with an emphasis on internationalization. Pango forms the core of text and font handling for the GTK+ widget toolkit. Security Fix(es) : * pango: pango_log2vis_get_embedding_levels() heap-based buffer overflow (CVE-2019-1010238) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. last seen 2020-06-01 modified 2020-06-02 plugin id 128298 published 2019-08-28 reporter This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/128298 title Oracle Linux 7 : pango (ELSA-2019-2571) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2019-2571.NASL description An update for pango is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Pango is a library for laying out and rendering of text, with an emphasis on internationalization. Pango forms the core of text and font handling for the GTK+ widget toolkit. Security Fix(es) : * pango: pango_log2vis_get_embedding_levels() heap-based buffer overflow (CVE-2019-1010238) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. last seen 2020-06-01 modified 2020-06-02 plugin id 129018 published 2019-09-19 reporter This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/129018 title CentOS 7 : pango (CESA-2019:2571) NASL family Debian Local Security Checks NASL id DEBIAN_DSA-4496.NASL description Benno Fuenfstueck discovered that Pango, a library for layout and rendering of text with an emphasis on internationalization, is prone to a heap-based buffer overflow flaw in the pango_log2vis_get_embedding_levels function. An attacker can take advantage of this flaw for denial of service or potentially the execution of arbitrary code. last seen 2020-06-01 modified 2020-06-02 plugin id 127492 published 2019-08-12 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/127492 title Debian DSA-4496-1 : pango1.0 - security update
Redhat
advisories |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
rpms |
|
References
- https://access.redhat.com/errata/RHBA-2019:2824
- https://access.redhat.com/errata/RHBA-2019:2824
- https://access.redhat.com/errata/RHSA-2019:2571
- https://access.redhat.com/errata/RHSA-2019:2571
- https://access.redhat.com/errata/RHSA-2019:2582
- https://access.redhat.com/errata/RHSA-2019:2582
- https://access.redhat.com/errata/RHSA-2019:2594
- https://access.redhat.com/errata/RHSA-2019:2594
- https://access.redhat.com/errata/RHSA-2019:3234
- https://access.redhat.com/errata/RHSA-2019:3234
- https://gitlab.gnome.org/GNOME/pango/-/commits/main/pango/pango-bidi-type.c
- https://gitlab.gnome.org/GNOME/pango/-/commits/main/pango/pango-bidi-type.c
- https://gitlab.gnome.org/GNOME/pango/-/issues/342
- https://gitlab.gnome.org/GNOME/pango/-/issues/342
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D6HWAHXJ2ZXINYMANHPFDDCJFWUQ57M4/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D6HWAHXJ2ZXINYMANHPFDDCJFWUQ57M4/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VFFF4FY7SCAYT3EKTYPGRN6BVKZTH7Y7/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VFFF4FY7SCAYT3EKTYPGRN6BVKZTH7Y7/
- https://seclists.org/bugtraq/2019/Aug/14
- https://seclists.org/bugtraq/2019/Aug/14
- https://security.gentoo.org/glsa/201909-03
- https://security.gentoo.org/glsa/201909-03
- https://usn.ubuntu.com/4081-1/
- https://usn.ubuntu.com/4081-1/
- https://www.debian.org/security/2019/dsa-4496
- https://www.debian.org/security/2019/dsa-4496
- https://www.oracle.com/security-alerts/cpuapr2020.html
- https://www.oracle.com/security-alerts/cpuapr2020.html