Описание
In text_to_glyphs in sushi-font-widget.c in gnome-font-viewer 3.34.0, there is a NULL pointer dereference while parsing a TTF font file that lacks a name section (due to a g_strconcat call that returns NULL).
A NULL pointer dereference was discovered in the gnome-font-viewer in the way it deals with fonts without a family name. A user may be tricked into opening a specially crafted font, which could make the gnome-font-viewer crash.
Отчет
This issue did not affect the versions of gnome-font-viewer as shipped with Red Hat Enterprise Linux 7, and 8 as they did not include the vulnerable code.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 7 | gnome-font-viewer | Not affected | ||
| Red Hat Enterprise Linux 8 | gnome-font-viewer | Not affected |
Показывать по
Дополнительная информация
Статус:
EPSS
3.3 Low
CVSS3
Связанные уязвимости
In text_to_glyphs in sushi-font-widget.c in gnome-font-viewer 3.34.0, there is a NULL pointer dereference while parsing a TTF font file that lacks a name section (due to a g_strconcat call that returns NULL).
In text_to_glyphs in sushi-font-widget.c in gnome-font-viewer 3.34.0, there is a NULL pointer dereference while parsing a TTF font file that lacks a name section (due to a g_strconcat call that returns NULL).
In text_to_glyphs in sushi-font-widget.c in gnome-font-viewer 3.34.0, ...
In text_to_glyphs in sushi-font-widget.c in gnome-font-viewer 3.34.0, there is a NULL pointer dereference while parsing a TTF font file that lacks a name section (due to a g_strconcat call that returns NULL).
EPSS
3.3 Low
CVSS3