libgetdata.so is vulnerable to arbitrary code execution. A use-after-free allows an attacker to supply a malicious dirfile database that triggers heap memory corruption via the function _GD_Supports() in encoding.c, leading to arbitrary code execution or privilege escalation.
bugzilla.redhat.com/show_bug.cgi?id=1956348
lists.debian.org/debian-lts-announce/2021/05/msg00015.html
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/43JTGEMYMCTHD3LHFD7ENBNSWCNBCYEY/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GB7T7DW7XRPJOUE25ZE7GF244FPCHBWY/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OE23HBLIVKVPOQ5MVADWPOCFMREVF4QZ/