15 matches found
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: fbdev: bitblit: In the bitPutcs function, the bound-check glyph index was derived from the character value masked by 0xff or 0x1ff. This may lead to reading beyond the end of the built-in font array, exceeding the actual number o...
kernel: Linux kernel: Information disclosure and denial of service via out-of-bounds read in font glyph handling
A flaw was found in the Linux kernel. A local attacker can exploit this vulnerability by providing a specially crafted font glyph index to the bitblit component. This can lead to an out-of-bounds read, potentially resulting in information disclosure or a denial of service...
kernel: Linux kernel: Information disclosure and denial of service via out-of-bounds read in font glyph handling
A flaw was found in the Linux kernel. A local attacker can exploit this vulnerability by providing a specially crafted font glyph index to the bitblit component. This can lead to an out-of-bounds read, potentially resulting in information disclosure or a denial of service...
fbdev: bitblit: bound-check glyph index in bit_putcs*
...
SUSE CVE-2025-40322
In the Linux kernel, the following vulnerability has been resolved: fbdev: bitblit: bound-check glyph index in bitputcs bitputcsaligned/unaligned derived the glyph pointer from the character value masked by 0xff/0x1ff, which may exceed the actual font's glyph count and read past the end of the...
EUVD-2025-201623
In the Linux kernel, the following vulnerability has been resolved: fbdev: bitblit: bound-check glyph index in bitputcs bitputcsaligned/unaligned derived the glyph pointer from the character value masked by 0xff/0x1ff, which may exceed the actual font's glyph count and read past the end of the...
CVE-2025-40322
In the Linux kernel, the following vulnerability has been resolved: fbdev: bitblit: bound-check glyph index in bitputcs bitputcsaligned/unaligned derived the glyph pointer from the character value masked by 0xff/0x1ff, which may exceed the actual font's glyph count and read past the end of the...
CVE-2025-40322 fbdev: bitblit: bound-check glyph index in bit_putcs*
In the Linux kernel, the following vulnerability has been resolved: fbdev: bitblit: bound-check glyph index in bitputcs bitputcsaligned/unaligned derived the glyph pointer from the character value masked by 0xff/0x1ff, which may exceed the actual font's glyph count and read past the end of the...
CVE-2025-40322
Summary (CVE-2025-40322) : In the Linux kernel framebuffer (fbdev) bitblit path, bit_putcs* computations derived a glyph pointer from the character value masked by 0xff/0x1ff, which could read past the font array end. The fix clamps the index to the actual glyph count before computing the address...
CVE-2025-40322
In the Linux kernel, the following vulnerability has been resolved: fbdev: bitblit: bound-check glyph index in bitputcs bitputcsaligned/unaligned derived the glyph pointer from the character value masked by 0xff/0x1ff, which may exceed the actual font's glyph count and read past the end of the...
Linux Distros Unpatched Vulnerability : CVE-2025-40322
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fbdev: bitblit: bound-check glyph index in bitputcs bitputcsaligned/unaligned derived the glyph pointer from the character value masked by 0xff/0x1ff, which may...
PT-2022-37212 · Git +1 · Ghostscript
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a heap-use-after-free error, which occurs when the program attempts to access memory that has already been freed. The crash state...
Security update for freetype2 (moderate)
openSUSE Security Update: Security update for freetype2 Announcement ID: openSUSE-SU-2020:0704-1 Rating: moderate References: 1079603 1091109 Cross-References: CVE-2018-6942 Affected Products: openSUSE Leap 15.1 An update that solves one vulnerability and has one errata is now available...
Microsoft Windows - Kernel ATMFD.dll NamedEscape 0x250C Pool Corruption (MS16-074)
Exploit for windows platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=785 The Adobe Type Manager Font Driver ATMFD.DLL responsible for handling PostScript and OpenType fonts in the Windows kernel provides a channel of communication with user-mode...
Adobe Reader Compound Glyph Index Sign Extension Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Adobe Reade...