Detections
Analytics

FreeBSD : librsvg2 -- multiple vulnabilities (b66583ae-5aee-4cd5-bb31-b2d397f8b6b3)

medium Nessus Plugin ID 134257

Language:

Synopsis

The remote FreeBSD host is missing one or more security-related updates.

Description

Librsvg2 developers reports :

Backport the following fixes from 2.46.x :

Librsvg now has limits on the number of loaded XML elements, and the number of referenced elements within an SVG document. This is to mitigate malicious SVGs which try to consume all memory, and those which try to consume an exponential amount of CPU time.

Fix stack exhaustion with circular references in <use> elements.

Fix a denial-of-service condition from exponential explosion of rendered elements, through nested use of SVG <use> elements in malicious SVGs. This is similar to the XML 'billion laughs attack' but for SVG instancing.

Solution

Update the affected packages.

See Also

http://www.nessus.org/u?5a465555

http://www.nessus.org/u?33df5b81

Plugin Details

Severity: Medium

ID: 134257

File Name: freebsd_pkg_b66583ae5aee4cd5bb31b2d397f8b6b3.nasl

Version: 1.3

Type: local

Published: 3/6/2020

Updated: 3/25/2024

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: Medium

Base Score: 4.3

Temporal Score: 3.2

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P

CVSS Score Source: CVE-2019-20446

CVSS v3

Risk Factor: Medium

Base Score: 6.5

Temporal Score: 5.7

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:librsvg2, p-cpe:/a:freebsd:freebsd:librsvg2-rust, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Exploit Ease: No known exploits are available

Patch Publication Date: 3/2/2020

Vulnerability Publication Date: 2/26/2020

Reference Information

CVE: CVE-2019-20446