Candidate: CVE-2017-7875
PublicDate: 2017-04-14 18:59:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7875
 https://feh.finalrewind.org/
 https://github.com/derf/feh/commit/f7a547b7ef8fc8ebdeaa4c28515c9d72e592fb6d
Description:
 In wallpaper.c in feh before v2.18.3, if a malicious client pretends to be
 the E17 window manager, it is possible to trigger an out-of-boundary heap
 write while receiving an IPC message. An integer overflow leads to a buffer
 overflow and/or a double free.
Ubuntu-Description:
Notes:
Bugs:
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860367
Priority: medium
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H [9.8 CRITICAL]

Patches_feh:
upstream_feh: released (2.18-2)
precise_feh: ignored (reached end-of-life)
precise/esm_feh: DNE (precise was needed)
trusty_feh: ignored (reached end-of-life)
trusty/esm_feh: DNE (trusty was needed)
vivid/stable-phone-overlay_feh: DNE
vivid/ubuntu-core_feh: DNE
xenial_feh: ignored (end of standard support, was needed)
yakkety_feh: ignored (reached end-of-life)
zesty_feh: ignored (reached end-of-life)
artful_feh: ignored (reached end-of-life)
bionic_feh: not-affected (2.23.2-1build1)
cosmic_feh: not-affected (2.23.2-1build1)
disco_feh: not-affected (2.23.2-1build1)
eoan_feh: not-affected (2.23.2-1build1)
focal_feh: not-affected (2.23.2-1build1)
groovy_feh: not-affected (2.23.2-1build1)
hirsute_feh: not-affected (2.23.2-1build1)
impish_feh: not-affected (2.23.2-1build1)
jammy_feh: not-affected (2.23.2-1build1)
devel_feh: not-affected (2.23.2-1build1)