Wind River Support Network

HomeDefectsLIN8-11289
Fixed

LIN8-11289 : Security Advisory - freetype - CVE-2015-9290

Created: Jul 30, 2019    Updated: Aug 21, 2019
Resolved Date: Aug 13, 2019
Found In Version: 8.0.0.1
Fix Version: 8.0.0.31
Severity: Standard
Applicable for: Wind River Linux 8
Component/s: Userspace

Description

In FreeType before 2.6.1, a buffer over-read occurs in type1/t1parse.c on function T1_Get_Private_Dict where there is no check that the new values of cur and limit are sensible before going to Again.

CREATE(Triage): {Link=https://nvd.nist.gov/vuln/detail/CVE-2015-9290 User=admin}

CVEs

Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube