Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2024-25262HistoryFeb 29, 2024 - 1:44 a.m.
CVE-2024-25262
2024-02-2901:44:15
Debian Security Bug Tracker
security-tracker.debian.org
6
texlive-bin
heap buffer overflow
cve-2024-25262
function ttfloadhdmx:ttfdump
denial of service
dos
crafted ttf file
unix
CVSS3
8.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H
AI Score
7.7
Confidence
High
EPSS
0
Percentile
9.0%
texlive-bin commit c515e was discovered to contain heap buffer overflow via the function ttfLoadHDMX:ttfdump. This vulnerability allows attackers to cause a Denial of Service (DoS) via supplying a crafted TTF file.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | texlive-bin | <= 2022.20220321.62855-5.1+deb12u1 | texlive-bin_2022.20220321.62855-5.1+deb12u1_all.deb |
| Debian | 11 | all | texlive-bin | <= 2020.20200327.54578-7+deb11u1 | texlive-bin_2020.20200327.54578-7+deb11u1_all.deb |
| Debian | 999 | all | texlive-bin | < 2023.20230311.66589-9 | texlive-bin_2023.20230311.66589-9_all.deb |
| Debian | 13 | all | texlive-bin | < 2023.20230311.66589-9 | texlive-bin_2023.20230311.66589-9_all.deb |
Related
cvelist
cvelist
CVE-2024-25262
2024-02-20 00:00:00
vulnrichment
vulnrichment
CVE-2024-25262
2024-02-20 00:00:00
prion
prion
Heap overflow
2024-02-29 01:44:00
ubuntucve
ubuntucve
CVE-2024-25262
2024-02-29 00:00:00
nvd
nvd
CVE-2024-25262
2024-02-29 01:44:15
cve
cve
CVE-2024-25262
2024-02-29 01:44:15
mageia
mageia
Updated texlive-20220321 packages fix security vulnerabilities
2024-04-05 21:24:25
openvas
openvas
Mageia: Security Advisory (MGASA-2024-0108)
2024-04-09 00:00:00
Ubuntu: Security Advisory (USN-6695-1)
2024-03-15 00:00:00
ubuntu
ubuntu
TeX Live vulnerabilities
2024-03-14 00:00:00
osv
osv
texlive-bin vulnerabilities
2024-03-14 11:45:28
nessus
nessus
Ubuntu 20.04 LTS / 22.04 LTS / 23.10 : TeX Live vulnerabilities (USN-6695-1)
2024-03-14 00:00:00
CVSS3
8.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H
AI Score
7.7
Confidence
High
EPSS
0
Percentile
9.0%
Related for DEBIANCVE:CVE-2024-25262