Re: Null pointer dereference in Xedit

[Alan Coopersmith <alan.coopersmith () oracle com>]

On 1/19/24 19:48, Meng Ruijie wrote:
> [Vulnerability description]
> A NULL pointer dereference in the component /X11/xedit/lisp of Xedit v1.2.3 allows attackers to cause a Denial of 
> Service (DoS) via a crafted lisp.lsp file.
>
> [VulnerabilityType Other]
> null pointer deference
>
> [Vendor of Product]
> Xedit
>
> [Affected Product Code Base]
> Xedit - 1.2.3
>
> [Reference]
> https://gitlab.freedesktop.org/xorg/app/xedit/-/issues/1
>
> [CVE Reference]
> The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2023-45916 to this 
> vulnerability.

I will be asking that this CVE be withdrawn on behalf of the X.Org security team.

While it is a low-priority bug, we did not see any security exposure
when this bug was first brought to our attention because there is no
way for an attacker to change the contents of the lisp.lsp file or to
cause a *.lsp file to be loaded for another user.

The bug report states "replace /usr/local/lib/X11/xedit/lisp/lisp.lsp with
the attached version,"  and if you can do that, you can just replace the
xedit binary with a version containing whatever code you want.

Please do not waste everyone's time requesting CVE's for other people's projects
without their knowledge or consent.

--
     -Alan Coopersmith-              alan.coopersmith () oracle com
       X.Org Security Response Team - xorg-security () lists x org

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: https://seclists.org/fulldisclosure/