Description
There is a heap-based buffer over-read in the function ft_font_face_hash of gxps-fonts.c in libgxps through 0.3.0. A crafted input will lead to a remote denial of service attack.
Affected packages
| Platform | Package | Status | Advisory | Release date |
|---|---|---|---|---|
| Red Hat Enterprise Linux 8 | libgxps | Not affected | | |
| Red Hat Enterprise Linux 7 | accountsservice | Fixed | RHSA-2018:3140 | 30.10.2018 |
| Red Hat Enterprise Linux 7 | adwaita-icon-theme | Fixed | RHSA-2018:3140 | 30.10.2018 |
| Red Hat Enterprise Linux 7 | appstream-data | Fixed | RHSA-2018:3140 | 30.10.2018 |
| Red Hat Enterprise Linux 7 | atk | Fixed | RHSA-2018:3140 | 30.10.2018 |
| Red Hat Enterprise Linux 7 | at-spi2-atk | Fixed | RHSA-2018:3140 | 30.10.2018 |
| Red Hat Enterprise Linux 7 | at-spi2-core | Fixed | RHSA-2018:3140 | 30.10.2018 |
| Red Hat Enterprise Linux 7 | baobab | Fixed | RHSA-2018:3140 | 30.10.2018 |
| Red Hat Enterprise Linux 7 | bolt | Fixed | RHSA-2018:3140 | 30.10.2018 |
| Red Hat Enterprise Linux 7 | brasero | Fixed | RHSA-2018:3140 | 30.10.2018 |
Additional information
Status:
Low
Defect:
CWE-125
https://bugzilla.redhat.com/show_bug.cgi?id=1576111
libgxps: heap based buffer over read in ft_font_face_hash function of gxps-fonts.c
EPSS
Percentile: 73%
0.00799
Low
3.3 Low
CVSS3
Related vulnerabilities
CVSS3: 6.5
ubuntu
more than 7 years ago
There is a heap-based buffer over-read in the function ft_font_face_hash of gxps-fonts.c in libgxps through 0.3.0. A crafted input will lead to a remote denial of service attack.
CVSS3: 6.5
nvd
more than 7 years ago
There is a heap-based buffer over-read in the function ft_font_face_hash of gxps-fonts.c in libgxps through 0.3.0. A crafted input will lead to a remote denial of service attack.
CVSS3: 6.5
debian
more than 7 years ago
There is a heap-based buffer over-read in the function ft_font_face_ha ...