It was found that a specially crafted font can cause an out-of-bounds read, potentially resulting in an information leak or denial of service. An attacker can provide a malicious font to trigger this vulnerability. When reading an invalid font where the loca table size is set to 0, an out-of-bounds read will occur.
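The missing check described above, shown as an added example: a generic bounds-checked TrueType loca lookup, not graphite2's own code or its fix. The function and helper names are hypothetical, and the sample table in `main` is constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Big-endian readers for sfnt data (helper names are illustrative). */
static uint32_t be16(const uint8_t *p) { return ((uint32_t)p[0] << 8) | p[1]; }
static uint32_t be32(const uint8_t *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8) | p[3];
}

/* Resolve glyph `gid` to its [start, end) byte range in glyf.
 * long_format mirrors head.indexToLocFormat: 0 = uint16 offsets stored
 * divided by 2, 1 = uint32 offsets. Returns 0 on success, -1 when the
 * loca or glyf table cannot back the request. */
int loca_glyph_range(const uint8_t *loca, size_t loca_len, size_t glyf_len,
                     int long_format, uint32_t gid, size_t *start, size_t *end)
{
    size_t entry = long_format ? 4 : 2;
    size_t count = loca ? loca_len / entry : 0;

    /* Entries gid and gid+1 must both exist; a zero-length loca stops here. */
    if (count < 2 || gid > count - 2)
        return -1;

    const uint8_t *p = loca + (size_t)gid * entry;
    size_t s = long_format ? be32(p) : (size_t)be16(p) * 2;
    size_t e = long_format ? be32(p + 4) : (size_t)be16(p + 2) * 2;

    /* Offsets must be ordered and stay inside the glyf table. */
    if (s > e || e > glyf_len)
        return -1;
    *start = s;
    *end = e;
    return 0;
}

int main(void)
{
    /* Constructed short-format loca: offsets 0, 10, 10, 16 (stored halved). */
    static const uint8_t loca[] = {0, 0, 0, 5, 0, 5, 0, 8};
    size_t s, e;
    int ok = loca_glyph_range(loca, sizeof loca, 16, 0, 0, &s, &e);
    int empty = loca_glyph_range(loca, 0, 16, 0, 0, &s, &e);
    printf("valid=%d range=%zu..%zu zero-size loca=%d\n", ok, s, e, empty);
    return 0;
}
```

The table length used for the check has to be the size recorded for the bytes actually mapped, not a value derived from the glyph count the font claims.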
Created graphite2 tracking bugs for this issue:
Affects: fedora-all [bug 1308591]
This issue has been addressed in the following products:
Red Hat Enterprise Linux 7
Via RHSA-2016:0594 https://rhn.redhat.com/errata/RHSA-2016-0594.html