Описание
fontconfig before 2.12.1 does not validate offsets, which allows local users to trigger arbitrary free calls and consequently conduct double free attacks and execute arbitrary code via a crafted cache file.
It was found that cache files were insufficiently validated in fontconfig. A local attacker could create a specially crafted cache file to trigger arbitrary free() calls, which in turn could lead to arbitrary code execution.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | fontconfig | Will not fix | ||
| Red Hat Enterprise Linux 6 | fontconfig | Will not fix | ||
| Red Hat Enterprise Virtualization 3 | mingw-virt-viewer | Will not fix | ||
| Red Hat Enterprise Linux 7 | fontconfig | Fixed | RHSA-2016:2601 | 03.11.2016 |
Показывать по
Дополнительная информация
Статус:
4.5 Medium
CVSS3
3.7 Low
CVSS2
Связанные уязвимости
fontconfig before 2.12.1 does not validate offsets, which allows local users to trigger arbitrary free calls and consequently conduct double free attacks and execute arbitrary code via a crafted cache file.
fontconfig before 2.12.1 does not validate offsets, which allows local users to trigger arbitrary free calls and consequently conduct double free attacks and execute arbitrary code via a crafted cache file.
fontconfig before 2.12.1 does not validate offsets, which allows local ...
4.5 Medium
CVSS3
3.7 Low
CVSS2