An integer overflow issue has been reported in the general_composite_rect() function in pixman prior to version 0.32.8. An attacker could exploit this issue to cause an application using pixman to crash, or, potentially, execute arbitrary code. Upstream bug: https://bugs.freedesktop.org/show_bug.cgi?id=92027 Patch: https://bugs.freedesktop.org/attachment.cgi?id=118382
External References: https://bugs.freedesktop.org/show_bug.cgi?id=92027