Blender: Untrusted search path — GLSA 201001-07

An untrusted search path vulnerability in Blender might result in the execution of arbitrary code.

Affected packages

media-gfx/blender on all architectures
Affected versions < 2.48a-r3
Unaffected versions >= 2.48a-r3

Background

Blender is a 3D Creation/Animation/Publishing System.

Description

Steffen Joeris reported that Blender's BPY_interface calls PySys_SetArgv() in such a way that Python prepends sys.path with an empty string.

Impact

A local attacker could entice a user to run "blender" from a directory containing a specially crafted Python module, resulting in the execution of arbitrary code with the privileges of the user running the application.

Workaround

There is no known workaround at this time.

Resolution

All Blender users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=media-gfx/blender-2.48a-r3"

References

Release date
January 13, 2010

Latest revision
January 13, 2010: 01

Severity
normal

Exploitable
local

Bugzilla entries