https://bugzilla.redhat.com/show_bug.cgi?id=1429965
Huzaifa S. Sidhpurwala huzaifas@redhat.com changed:
What        |Removed |Added
----------------------------------------------------------------------------
Status      |NEW |CLOSED
Resolution  |--- |WONTFIX
Whiteboard  |impact=moderate,public=20160825,reported=20170306,source=cve,cvss3=5.9/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H,cwe=CWE-20,fedora-all/freetype=affected,fedora-all/mingw-freetype=affected,epel-7/mingw-freetype=affected,rhel-5/freetype=new,rhel-6/freetype=new,rhel-7/freetype=new,rhev-m-3/mingw-virt-viewer=new |impact=moderate,public=20160825,reported=20170306,source=cve,cvss3=5.9/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H,cwe=CWE-20,fedora-all/freetype=affected,fedora-all/mingw-freetype=affected,epel-7/mingw-freetype=affected,rhel-5/freetype=wontfix,rhel-6/freetype=wontfix,rhel-7/freetype=wontfix,rhev-m-3/mingw-virt-viewer=wontfix
Last Closed | |2017-03-23 01:50:59
--- Comment #2 from Huzaifa S. Sidhpurwala huzaifas@redhat.com ---
Analysis:
As per the patch, seems to be an OOB read, causing a crash. I don't have access to the reproducer, but seems all versions of freetype shipped with Red Hat Enterprise Linux are affected.