Описание
FreeType commit 1e2eb65048f75c64b68708efed6ce904c31f3b2f was discovered to contain a heap buffer overflow via the function sfnt_init_face.
A heap buffer overflow flaw was found in Freetype’s sfnt_init_face() function in the sfobjs.c file. The vulnerability occurs when creating a face with a strange file and invalid index. This flaw allows an attacker to read a small amount of memory, causing the application to crash.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Advanced Cluster Management for Kubernetes 2 | rhacm2/multicluster-observability-rhel8-operator | Not affected | ||
| Red Hat Enterprise Linux 6 | freetype | Not affected | ||
| Red Hat Enterprise Linux 7 | freetype | Out of support scope | ||
| Red Hat Enterprise Linux 8 | freetype | Fixed | RHSA-2022:7745 | 08.11.2022 |
| Red Hat Enterprise Linux 8.6 Extended Update Support | freetype | Fixed | RHSA-2024:0420 | 25.01.2024 |
| Red Hat Enterprise Linux 9 | freetype | Fixed | RHSA-2022:8340 | 15.11.2022 |
| Red Hat Enterprise Linux 9 | freetype | Fixed | RHSA-2022:8340 | 15.11.2022 |
Показывать по
Дополнительная информация
Статус:
EPSS
7.6 High
CVSS3
Связанные уязвимости
FreeType commit 1e2eb65048f75c64b68708efed6ce904c31f3b2f was discovered to contain a heap buffer overflow via the function sfnt_init_face.
FreeType commit 1e2eb65048f75c64b68708efed6ce904c31f3b2f was discovered to contain a heap buffer overflow via the function sfnt_init_face.
FreeType commit 1e2eb65048f75c64b68708efed6ce904c31f3b2f was discovere ...
FreeType commit 1e2eb65048f75c64b68708efed6ce904c31f3b2f was discovered to contain a heap buffer overflow via the function sfnt_init_face.
EPSS
7.6 High
CVSS3