Описание
A double-free vulnerability exists in fig2dev through 3.28a is affected by: via the free_stream function in readpics.c, which could cause a denial of service (context-dependent).
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| fig2dev | fixed | 1:3.2.8b-1 | package | |
| fig2dev | fixed | 1:3.2.8-3+deb11u1 | bullseye | package |
| fig2dev | not-affected | buster | package | |
| fig2dev | not-affected | stretch | package | |
| transfig | removed | package |
Примечания
https://sourceforge.net/p/mcj/tickets/125/
https://sourceforge.net/p/mcj/fig2dev/ci/899ea1277387ca9e9853bf61d29b7419d5692691/
Introduced by https://sourceforge.net/p/mcj/fig2dev/ci/bc3beba96605f9db5a063061ea28077937959ae2/ (3.2.8)
EPSS
Связанные уязвимости
A double-free vulnerability exists in fig2dev through 3.28a is affected by: via the free_stream function in readpics.c, which could cause a denial of service (context-dependent).
A double-free vulnerability exists in fig2dev through 3.28a is affected by: via the free_stream function in readpics.c, which could cause a denial of service (context-dependent).
A double-free vulnerability exists in fig2dev through 3.28a is affected by: via the free_stream function in readpics.c, which could cause a denial of service (context-dependent).
A double-free vulnerability exists in fig2dev through 3.28a is affected by: via the free_stream function in readpics.c, which could cause a denial of service (context-dependent).
Уязвимость функции free_stream утилиты для преобразования файлов с расширением fig fig2dev , связанная с ошибкой повторного освобождения памяти, позволяющая нарушителю вызвать отказ в обслуживании
EPSS