Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[GHSA-x534-j49x-mqvj] A double free vulnerability in the DDGifSlurp function in... #5162

Open
wants to merge 1 commit into
base: Marcono1234/advisory-improvement-5162
Choose a base branch
from
Open

[GHSA-x534-j49x-mqvj] A double free vulnerability in the DDGifSlurp function in... #5162

wants to merge 1 commit into from
+32 −4

Conversation

Marcono1234
Copy link
Contributor

@Marcono1234 Marcono1234 commented Jan 11, 2025
edited
Loading

This is a copy of #5161 because I was unable to fix a typo there (see comment).

Updates

  • Affected products
  • Description
  • Source code location
  • Summary

Comments

@github-actions github-actions bot changed the base branch from main to Marcono1234/advisory-improvement-5162 January 11, 2025 14:04
@Marcono1234 Marcono1234 mentioned this pull request Jan 11, 2025
Closed
Marcono1234
Marcono1234 commented Jan 11, 2025
View reviewed changes
advisories/unreviewed/2022/05/GHSA-x534-j49x-mqvj/GHSA-x534-j49x-mqvj.json
"modified": "2023-03-01T18:30:58Z",
"modified": "2023-03-09T05:05:46Z",
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not sure why this modified value changed, and why it uses a date from 2023. I just copied this from #5161 where it was automatically changed like this.

advisories/unreviewed/2022/05/GHSA-x534-j49x-mqvj/GHSA-x534-j49x-mqvj.json
Comment on lines -9 to +10
"details": "A double free vulnerability in the DDGifSlurp function in decoding.c in libpl_droidsonroids_gif before 1.2.15, as used in WhatsApp for Android before 2.19.244, allows remote attackers to execute arbitrary code or cause a denial of service.",
"summary": "Double free in android-gif-drawable",
"details": "A double free vulnerability in the DDGifSlurp function in decoding.c in the android-gif-drawable library before version 1.2.18, as used in WhatsApp for Android before version 2.19.244 and many other Android applications, allows remote attackers to execute arbitrary code or cause a denial of service when the library is used to parse a specially crafted GIF image.",
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

General question: Are changes from NVD not synced back here? According to https://nvd.nist.gov/vuln/detail/cve-2019-11932#VulnChangeHistorySection this change already happened in 2019.

(Though the NVD entry has some issues, it contains multiple duplicate reference links.)

advisories/unreviewed/2022/05/GHSA-x534-j49x-mqvj/GHSA-x534-j49x-mqvj.json
{
"package": {
"ecosystem": "Maven",
"name": "pl.droidsonroids.gif:android-gif-drawable"
Copy link
Contributor Author

@Marcono1234 Marcono1234 Jan 11, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is this enough for Dependabot to notice this, and for it to be synced to https://osv.dev/vulnerability/CVE-2019-11932?

If not, could you please review this advisory so it goes from "unreviewed" to "github-reviewed"?
According to the presentation https://media.ccc.de/v/38c3-ultrawide-archaeology-on-android-native-libraries#t=1244 a lot of Android apps might still be using vulnerable versions.
Though maybe should be done together with #5164 then so users directly update to >= 1.2.24.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@Marcono1234