CVE-2015-7558
Published 2016-05-20
CVE-2015-7558: librsvg before 2.40.12 allows context-dependent attackers to cause a denial of service (infinite loop, stack consumption, and application crash) via cyclic…
Priority P4 · 32 · high · 7.5 (CVSS 3.0)
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
2.40%
81.9th percentile
librsvg before 2.40.12 allows context-dependent attackers to cause a denial of service (infinite loop, stack consumption, and application crash) via cyclic references in an SVG document.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | librsvg | < librsvg 2.40.12-1 (bookworm) | librsvg 2.40.12-1 (bookworm) |
| gnome | librsvg | <= 2.40.11 | — |
| gnome | librsvg | >= 0 < 2.40.12-1 | 2.40.12-1 |
| gnome | librsvg | >= 0 < 2.40.12-1 | 2.40.12-1 |
| gnome | librsvg | >= 0 < 2.40.12-1 | 2.40.12-1 |
| gnome | librsvg | >= 0 < 2.40.12-1 | 2.40.12-1 |
| gnome | librsvg | >= 0 < 2.40.12 | 2.40.12 |
CVSS provenance
| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | 3.0 | 7.5 | HIGH | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
| nvd | 2.0 | 5.0 | MEDIUM | AV:N/AC:L/Au:N/C:N/I:N/A:P |
| osv | — | 7.5 | HIGH | — |
| vendor_debian | — | 7.5 | HIGH | — |
| vendor_redhat | — | 7.5 | HIGH | — |
Red Hat
librsvg2:
vendor_redhat·2016-04-28·CVSS 7.5
CVE-2016-4347 [HIGH] librsvg2:
[REJECTED CVE] A denial of service flaw was found in the way the librsvg2 library parsed SVG files. A specially crafted SVG file with circular definitions could cause an application using librsvg2 to crash.
Statement: This flaw was found to be a duplicate of CVE-2015-7558. Please see https://access.redhat.com/security/cve/CVE-2015-7558 for information about affected products and security errata.
Package: librsvg2 (Red Hat Enterprise Linux 5) - Not affected
Package: librsvg2 (Red Hat Enterprise Linux 6) - Not affected
Package: librsvg2 (Red Hat Enterprise Linux 7) - Not affected
Red Hat
librsvg2: Stack exhaustion causing DoS
vendor_redhat·2015-12-21·CVSS 7.5
CVE-2015-7558 [HIGH] CWE-674 librsvg2: Stack exhaustion causing DoS
librsvg before 2.40.12 allows context-dependent attackers to cause a denial of service (infinite loop, stack consumption, and application crash) via cyclic references in an SVG document.
Package: librsvg2 (Red Hat Enterprise Linux 5) - Will not fix
Package: librsvg2 (Red Hat Enterprise Linux 6) - Will not fix
Package: librsvg2 (Red Hat Enterprise Linux 7) - Will not fix
Debian
CVE-2015-7558: librsvg - librsvg before 2.40.12 allows context-dependent attackers to cause a denial of s...
vendor_debian·2015·CVSS 7.5
CVE-2015-7558 [HIGH] CVE-2015-7558: librsvg - librsvg before 2.40.12 allows context-dependent attackers to cause a denial of s...
librsvg before 2.40.12 allows context-dependent attackers to cause a denial of service (infinite loop, stack consumption, and application crash) via cyclic references in an SVG document.
Scope: local
bookworm: resolved (fixed in 2.40.12-1)
bullseye: resolved (fixed in 2.40.12-1)
forky: resolved (fixed in 2.40.12-1)
sid: resolved (fixed in 2.40.12-1)
trixie: resolved (fixed in 2.40.12-1)
GHSA
librsvg DoS via Cyclic References
ghsa·2022-05-17
CVE-2015-7558 [HIGH] CWE-20 librsvg DoS via Cyclic References
librsvg before 2.40.12 allows context-dependent attackers to cause a denial of service (infinite loop, stack consumption, and application crash) via cyclic references in an SVG document.
OSV
librsvg DoS via Cyclic References
osv·2022-05-17
CVE-2015-7558 [HIGH] librsvg DoS via Cyclic References
librsvg before 2.40.12 allows context-dependent attackers to cause a denial of service (infinite loop, stack consumption, and application crash) via cyclic references in an SVG document.
OSV
CVE-2015-7558: librsvg before 2
osv·2016-05-20·CVSS 7.5
CVE-2015-7558 [HIGH] CVE-2015-7558: librsvg before 2
librsvg before 2.40.12 allows context-dependent attackers to cause a denial of service (infinite loop, stack consumption, and application crash) via cyclic references in an SVG document.
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2015-7558 mingw-librsvg2: librsvg2: Stack exhaustion causing DoS [fedora-all]
bugzilla·2015-12-21·CVSS 7.5
CVE-2015-7558 [HIGH] CVE-2015-7558 mingw-librsvg2: librsvg2: Stack exhaustion causing DoS [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of Fedora.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supported versions
Bugzilla
CVE-2015-7558 librsvg2: Stack exhaustion causing DoS [fedora-all]
bugzilla·2015-12-21·CVSS 7.5
CVE-2015-7558 [HIGH] CVE-2015-7558 librsvg2: Stack exhaustion causing DoS [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of Fedora.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supported versions of Fedora. Whil
Bugzilla
CVE-2015-7558 librsvg2: Stack exhaustion causing DoS
bugzilla·2015-10-02·CVSS 7.5
CVE-2015-7558 [HIGH] CVE-2015-7558 librsvg2: Stack exhaustion causing DoS
A vulnerability causing stack exhaustion leading to DoS was found in librsvg2 when parsing SVG files.
Discussion:
Acknowledgements:
Red Hat would like to thank Gustavo Grieco for reporting this issue.
---
I don't believe that firefox is using librsvg to parse files that are loaded from the net.
---
yes, I believe this was fixed by rewriting the way librsvg checks for cyclic references.
---
Created librsvg2 tracking bugs for this issue:
Affects: fedora-all [bug 1293346]
---
Created mingw-librsvg2 tracking bugs for this issue:
Affects: fedora-all [bug 1293347]
---
*** Bug 1331724 has been marked as a duplicate of this bug. ***
References:
- http://www.debian.org/security/2016/dsa-3584
- http://www.openwall.com/lists/oss-security/2015/12/21/5
- http://www.openwall.com/lists/oss-security/2016/04/30/3
- https://bugzilla.redhat.com/show_bug.cgi?id=1268243
- https://git.gnome.org/browse/librsvg/commit/?id=a51919f7e1ca9c535390a746fbf6e28c8402dc61
Published: 2016-05-20