| Summary: | CVE-2016-1522 graphite2: Null pointer dereference and out-of-bounds access vulnerabilities | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | Adam Mariš <amaris> |
| Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
| Status: | CLOSED ERRATA | QA Contact: | |
| Severity: | high | Docs Contact: | |
| Priority: | high | ||
| Version: | unspecified | CC: | caolanm, carnil, slawomir, vanoudt |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: |
A vulnerability has been discovered in Graphite2. An attacker able to trick an unsuspecting user into opening specially crafted font files in an application using Graphite2 could exploit these flaws to cause the application to crash or, potentially, execute arbitrary code with the privileges of the application.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | 2016-06-01 19:20:05 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Bug Depends On: | 1305811, 1309052, 1309053 | ||
| Bug Blocks: | 1305678 | ||
|
Description
Adam Mariš
2016-02-09 10:05:16 UTC
Created graphite2 tracking bugs for this issue: Affects: fedora-all [bug 1305811] This issue has been addressed in the following products: Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 7 Via RHSA-2016:0197 https://rhn.redhat.com/errata/RHSA-2016-0197.html This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2016:0594 https://rhn.redhat.com/errata/RHSA-2016-0594.html |