FreeType is vulnerable to Denial of Service (DoS). The vulnerability exists because of an integer overflow in the tt_hvadvance_adjust function of ttgxvar.c, which allows an attacker to cause an application crash.
access.redhat.com/security/cve/CVE-2023-2004
bugs.chromium.org/p/oss-fuzz/issues/detail?id=50462
bugzilla.redhat.com/show_bug.cgi?id=2186428
github.com/freetype/freetype/commit/e6fda039ad638866b7a6a5d046f03278ba1b7611
lists.fedoraproject.org/archives/list/[email protected]/message/4AOSGAOPXLBK4A5ZRTVZ4M6QKVLSWMWG/
lists.fedoraproject.org/archives/list/[email protected]/message/ES2CDRHR2Y4WY6DNDIAPYZFXJU3ZBFAV/
lists.fedoraproject.org/archives/list/[email protected]/message/FEJZMAUB4XP44HSHEBDWEKFGA7DUHY42/
lists.fedoraproject.org/archives/list/[email protected]/message/IHHD6KNH4WLUE6JG6HRQZWNAJMHJ32X7/
lists.fedoraproject.org/archives/list/[email protected]/message/KDNGTGQAUZJ6YQDI2AVGYIFFPUMMZLKS/
lists.fedoraproject.org/archives/list/[email protected]/message/NGWWGQULJ7QRNP4GY57HE7OO7VMRWMPN/
lists.fedoraproject.org/archives/list/[email protected]/message/RJQI63HWZFL6M26Q6UOHKDY6LD2PFC5Z/
lists.fedoraproject.org/archives/list/[email protected]/message/SFZWDF43D73C5KWFF26GIIVZJKEFPS3K/
lists.fedoraproject.org/archives/list/[email protected]/message/SLO7BL2MHZYPY6O3OAEAQL3SKYMGGO6M/
lists.fedoraproject.org/archives/list/[email protected]/message/VRSEIYMPWLVPGTC34N2Q3WAUHGGOWSWP/