https://bugzilla.redhat.com/show_bug.cgi?id=2052018
Bug ID: 2052018
Summary: blender: Out-of-bounds memory access due to malformed DDS image file
Product: Security Response
Hardware: All
OS: Linux
Status: NEW
Component: vulnerability
Keywords: Security
Severity: medium
Priority: medium
Assignee: security-response-team(a)redhat.com
Reporter: mcascell(a)redhat.com
CC: design-devel(a)lists.fedoraproject.org,
kwizart(a)gmail.com, luya_tfz(a)thefinalzone.net,
negativo17(a)gmail.com, promac(a)gmail.com
Blocks: 2052005
Target Milestone: ---
Classification: Other
An integer underflow in the DDS loader of Blender 3.1.0 Alpha and older leads
to an out-of-bounds read, possibly allowing an attacker to read sensitive data
using a crafted DDS image file.
Upstream issue:
https://developer.blender.org/T94661
Upstream commits:
https://developer.blender.org/rB0ac83d05d7cccec436bb939e0aa768f6a3d77d72
https://developer.blender.org/rBbbad834f1c2a1f7030ed9741c486b23241e8885e
https://developer.blender.org/rBd9dd8c287f57716a827483973c31bbb2face2816