CVE-2017-7875

Name: CVE-2017-7875
Description: In wallpaper.c in feh before v2.18.3, if a malicious client pretends to be the E17 window manager, it is possible to trigger an out-of-boundary heap write while receiving an IPC message. An integer overflow leads to a buffer overflow and/or a double free.
Source: CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
References: DLA-2219-1, DLA-899-1
Debian Bugs: 860367

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package   Release       Version    Status
feh (PTS)        buster        3.1.3-1    fixed
                 bullseye      3.6.3-1    fixed
                 bookworm      3.9.1-2    fixed
                 sid, trixie   3.10.1-1   fixed

The information below is based on the following data on fixed versions.

Package   Type     Release      Fixed Version   Urgency   Origin       Debian Bugs
feh       source   wheezy       2.3-2+deb7u1    -         DLA-899-1    -
feh       source   jessie       2.12-1+deb8u1   -         DLA-2219-1   -
feh       source   (unstable)   2.18-2          low       -            860367

Notes

Fixed by: https://github.com/derf/feh/commit/f7a547b7ef8fc8ebdeaa4c28515c9d72e592fb6d
