CVE-2018-1000041

Published: 09 February 2018

GNOME librsvg version before commit c6ddf2ed4d768fd88adbea2b63f575cd523022ea contains a Improper input validation vulnerability in rsvg-io.c that can result in the victim's Windows username and NTLM password hash being leaked to remote attackers through SMB. This attack appear to be exploitable via The victim must process a specially crafted SVG file containing an UNC path on Windows.

Priority

Low

CVSS 3 base score: 8.8

Status

Package Release Status
librsvg
Launchpad, Ubuntu, Debian
Upstream
Released (2.40.20-1)
Ubuntu 18.04 LTS (Bionic Beaver) Not vulnerable
(2.40.20-2)
Ubuntu 16.04 LTS (Xenial Xerus) Not vulnerable

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was not-affected)
Patches:
Upstream: https://github.com/GNOME/librsvg/commit/c6ddf2ed4d768fd88adbea2b63f575cd523022ea
Other: https://github.com/ImageMagick/librsvg/commit/f9d69eadd2b16b00d1a1f9f286122123f8e547dd

Notes

AuthorNote
mdeslaur
vulnerability is windows-specific

References