libgraphite2.so is vulnerable to denial of service (DoS) through null pointer dereference attacks. The vulnerability exists in src/GlyphCache.cpp
where the gr_face_dumbRendering
flag, when -cache
is enabled, leads to a null pointer dereference issue that causes the DoS.
CPE | Name | Operator | Version |
---|---|---|---|
libgraphite2.so | eq | 3.0.1 |
bugzilla.redhat.com/show_bug.cgi?id=1554383
github.com/silnrsi/graphite/commit/db132b4731a9b4c9534144ba3a18e65b390e9ff6
github.com/silnrsi/graphite/issues/22
lists.fedoraproject.org/archives/list/[email protected]/message/L5F3CK2IPXFCLQZEBEEXONWIABN2E7H2/
lists.fedoraproject.org/archives/list/[email protected]/message/LVWOKYZZDEMG6VSG53KAGUOHUIIQ7CND/