CVE-2016-6855
Description
Eye of GNOME (aka eog) 3.16.5, 3.17.x, 3.18.x before 3.18.3, 3.19.x, and 3.20.x before 3.20.4, when used with glib before 2.44.1, allows remote attackers to cause a denial of service (out-of-bounds write and crash) via vectors involving passing invalid UTF-8 to GMarkup.
Mitigations
No mitigations published for this CVE yet.
Exploits
Public proof-of-concept code below. AS-IS, for defenders and authorised testing only.
Exploit-DB
Eye of Gnome 3.10.2 - GMarkup Out of Bounds Write
OS impact
| OS | Version | Status | Fixed in |
|---|---|---|---|
| sles | | affected | |
| debian | bookworm | fixed | 3.20.4-1 |
| debian | bullseye | fixed | 3.20.4-1 |
| debian | forky | fixed | 3.20.4-1 |
| debian | sid | fixed | 3.20.4-1 |
| debian | trixie | fixed | 3.20.4-1 |
| suse | 42.1 | affected | |
| suse | 13.2 | affected | |
| fedora | 23 | affected | |
| fedora | 24 | affected | |
| ubuntu | 12.04 | affected | |
| ubuntu | 14.04 | affected | |
| ubuntu | 16.04 | affected | |
Application impact
| Vendor | Product | Versions | Fixed |
|---|---|---|---|
| gnome | eye_of_gnome | 3.16.5 | |
| gnome | eye_of_gnome | 3.17.1 | |
| gnome | eye_of_gnome | 3.17.2 | |
| gnome | eye_of_gnome | 3.17.3 | |
| gnome | eye_of_gnome | 3.17.90 | |
| gnome | eye_of_gnome | 3.17.91 | |
| gnome | eye_of_gnome | 3.17.92 | |
| gnome | eye_of_gnome | 3.18.0 | |
| gnome | eye_of_gnome | 3.18.1 | |
| gnome | eye_of_gnome | 3.18.2 | |
| gnome | eye_of_gnome | 3.19.1 | |
| gnome | eye_of_gnome | 3.19.2 | |
| gnome | eye_of_gnome | 3.19.3 | |
| gnome | eye_of_gnome | 3.19.4 | |
| gnome | eye_of_gnome | 3.19.90 | |
| gnome | eye_of_gnome | 3.19.91 | |
| gnome | eye_of_gnome | 3.19.92 | |
| gnome | eye_of_gnome | 3.20.0 | |
| gnome | eye_of_gnome | 3.20.1 | |
| gnome | eye_of_gnome | 3.20.2 | |
| gnome | eye_of_gnome | 3.20.3 | |
| gnome | glib | 2.44.0 | |
References
- http://lists.opensuse.org/opensuse-updates/2016-09/msg00021.html
- http://packetstormsecurity.com/files/138486/Gnome-Eye-Of-Gnome-3.10.2-Out-Of-Bounds-Write.html
- http://www.securityfocus.com/bid/92616
- http://www.ubuntu.com/usn/USN-3069-1
- https://bugzilla.gnome.org/show_bug.cgi?id=770143
- https://git.gnome.org/browse/eog/commit/?id=e99a8c00f959652fe7c10e2fa5a3a7a5c25e6af4
- https://git.gnome.org/browse/eog/plain/NEWS?h=3.16.5
- https://git.gnome.org/browse/eog/plain/NEWS?h=3.18.3
- https://git.gnome.org/browse/eog/plain/NEWS?h=3.20.4
- https://lists.debian.org/debian-lts-announce/2020/04/msg00018.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JVINHHR6VJKXTYYMAYKN5GROKHVT4UKB/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T6GFDHLNPUG7JHWM3QLXQNRA7NZGU2KI/
- https://www.exploit-db.com/exploits/40291/
- https://www.suse.com/security/cve/CVE-2016-6855.html
- https://security-tracker.debian.org/tracker/CVE-2016-6855
CWEs
CWE-787