139 matches found
Moderate: Red Hat Security Advisory: Red Hat Hardened Images RPMs Security Update
An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: fontconfig: fontconfig-2.17.1-0.1.hum1 aarch64, x8664 fontconfig-devel-2.17.1-0.1.hum1 aarch64, x8664 fontconfig-devel-doc-2.17.1-0.1.hum1 noarch fontconfig-2.17.1-0.1.hum1.src src Security Fixes...
JLSEC-2026-79
fontconfig before 2.17.1 has an off-by-one error in allocation during sfnt capability handling, leading to a one-byte out-of-bounds write, and potentially a crash or code execution. This is in FcFontCapabilities in fcfreetype.c...
CVE-2026-34085
A flaw was found in fontconfig. This vulnerability, an off-by-one error in how fontconfig handles font capabilities, could allow a local attacker to cause a one-byte out-of-bounds write. This issue may lead to a system crash, resulting in a Denial of Service DoS, or potentially enable the attacke...
SUSE CVE-2026-34085
fontconfig before 2.17.1 has an off-by-one error in allocation during sfnt capability handling, leading to a one-byte out-of-bounds write, and potentially a crash or code execution. This is in FcFontCapabilities in fcfreetype.c...
Linux Distros Unpatched Vulnerability : CVE-2026-34085
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fontconfig before 2.17.1 has an off-by-one error in allocation during sfnt capability handling, leading to a one-byte out-of-bounds write, and potentially a cra...
UBUNTU-CVE-2026-34085
fontconfig before 2.17.1 has an off-by-one error in allocation during...
Off-by-one Error
Overview Affected versions of this package are vulnerable to Off-by-one Error via the FcFontCapabilities function in fcfreetype.c. An attacker can cause a one-byte out-of-bounds write, potentially leading to a crash or execution of arbitrary code by supplying crafted input that triggers the...
EUVD-2026-15934
fontconfig before 2.17.1 has an off-by-one error in allocation during sfnt capability handling, leading to a one-byte out-of-bounds write, and potentially a crash or code execution. This is in FcFontCapabilities in fcfreetype.c...
CVE-2026-34085
fontconfig before 2.17.1 has an off-by-one error in allocation during sfnt capability handling, leading to a one-byte out-of-bounds write, and potentially a crash or code execution. This is in FcFontCapabilities in fcfreetype.c...
DEBIAN-CVE-2026-34085
fontconfig before 2.17.1 has an off-by-one error in allocation during sfnt capability handling, leading to a one-byte out-of-bounds write, and potentially a crash or code execution. This is in FcFontCapabilities in fcfreetype.c...
CVE-2026-34085
fontconfig before 2.17.1 has an off-by-one error in allocation during sfnt capability handling, leading to a one-byte out-of-bounds write, and potentially a crash or code execution. This is in FcFontCapabilities in fcfreetype.c...
CVE-2026-34085
fontconfig before 2.17.1 has an off-by-one error in allocation during sfnt capability handling, leading to a one-byte out-of-bounds write, and potentially a crash or code execution. This is in FcFontCapabilities in fcfreetype.c...
CVE-2026-34085
CVE-2026-34085 affects fontconfig before 2.17.1. The vulnerability is an off-by-one error in allocation during sfnt capability handling, causing a one-byte out-of-bounds write in FcFontCapabilities within fcfreetype.c. Consequences include potential crash or code execution. The available connecte...
CVE-2026-34085
fontconfig before 2.17.1 has an off-by-one error in allocation during sfnt capability handling, leading to a one-byte out-of-bounds write, and potentially a crash or code execution. This is in FcFontCapabilities in fcfreetype.c...
CVE-2026-34085
fontconfig before 2.17.1 has an off-by-one error in allocation during sfnt capability handling, leading to a one-byte out-of-bounds write, and potentially a crash or code execution. This is in FcFontCapabilities in fcfreetype.c...
CVE-2026-34085
fontconfig before 2.17.1 has an off-by-one error in allocation during sfnt capability handling, leading to a one-byte out-of-bounds write, and potentially a crash or code execution. This is in FcFontCapabilities in fcfreetype.c...
CVE-2026-34085
fontconfig before 2.17.1 has an off-by-one error in allocation during sfnt capability handling, leading to a one-byte out-of-bounds write, and potentially a crash or code execution. This is in FcFontCapabilities in fcfreetype.c...
PT-2026-28071
Name of the Vulnerable Software and Affected Versions fontconfig versions prior to 2.17.1 Description fontconfig versions prior to 2.17.1 contain an off-by-one error in memory allocation during sfnt capability handling. This error can lead to a one-byte out-of-bounds write within the...
fontconfig 安全漏洞
Fontconfig is an open-source font-related computer library developed by freedesktop. Versions of Fontconfig prior to 2.17.1 contained security vulnerabilities. These vulnerabilities stemmed from errors in the allocation process during sfnt processing, which could lead to one-byte out-of-bound...
RockyLinux 8 : mingw-fontconfig (RLSA-2026:3407)
The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:3407 advisory. expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing CVE-2025-59375 Tenable ha...