Denial of service in Cairo

Published: 2018-12-07 16:56:25
Severity Low
Patch available NO
Number of vulnerabilities 1
CVE ID CVE-2018-19876
CVSSv3 6.9 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:U/RC:C]
CWE ID CWE-20
Exploitation vector Network
Public exploit N/A
Vulnerable software Cairo
Vulnerable software versions Cairo 1.16.0
Vendor URL Carl Worth, Behdad Esfahbod

Security Advisory

1) Improper input validation

Description

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists in the cairo_ft_apply_variations() function, as defined in the cairo-ft-font.c source code file due to an error when processing malicious input. A remote attacker can attempt to free memory by using a free function that is incompatible with WebKit's fastMalloc and cause the application to crash, resulting in a DoS condition.

Remediation

Cybersecurity Help is currently unaware of any official solutions to address the vulnerability.

External links

https://bugs.webkit.org/show_bug.cgi?id=191595
https://gitlab.freedesktop.org/cairo/cairo/merge_requests/5

Back to List