[Bug 1191192] New: CVE-2014-9675 freetype: bypass the ASLR protection mechanism via a crafted BDF font
bugzilla at redhat.com
Tue Feb 10 16:21:56 UTC 2015
https://bugzilla.redhat.com/show_bug.cgi?id=1191192
Bug ID: 1191192
Summary: CVE-2014-9675 freetype: bypass the ASLR protection mechanism via a crafted BDF font
Product: Security Response
Component: vulnerability
Keywords: Security
Severity: medium
Priority: medium
Assignee: security-response-team at redhat.com
Reporter: mprpic at redhat.com
CC: behdad at fedoraproject.org, fonts-bugs at lists.fedoraproject.org, kevin at tigcc.ticalc.org, mkasik at redhat.com
bdf/bdflib.c in FreeType before 2.5.4 identifies property names by only
verifying that an initial substring is present, which allows remote attackers
to discover heap pointer values and bypass the ASLR protection mechanism via a
crafted BDF font.
Upstream issue:
http://code.google.com/p/google-security-research/issues/detail?id=151
Upstream patch:
http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=2c4832d30939b45c05757f0a05128ce64c4cacc7
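The weakness named in the description (accepting a property name because an initial substring matches) is shown below beside a whole-token comparison. This is an added example, not FreeType's code or the upstream patch. The function names, the small name table and the sample lines are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Constructed table of property names used only for this illustration. */
static const char *const KNOWN[] = { "FONT_ASCENT", "FONT_DESCENT", "DEFAULT_CHAR" };

/* Weak form: any line that merely begins with the keyword is accepted. */
static int match_prefix_only(const char *line, const char *keyword)
{
    return strncmp(line, keyword, strlen(keyword)) == 0;
}

/* Hardened form: the keyword must end at a separator or at end of line. */
static int match_whole_name(const char *line, const char *keyword)
{
    size_t n = strlen(keyword);
    if (strncmp(line, keyword, n) != 0)
        return 0;
    /* strncmp matched n non-NUL bytes, so line[n] is inside the string
       or is its terminator; reading it cannot run past the buffer. */
    char next = line[n];
    return next == '\0' || next == ' ' || next == '\t' ||
           next == '\r' || next == '\n';
}

/* Returns the index of the recognised name in KNOWN, or -1 if none. */
static int identify(const char *line, int strict)
{
    for (size_t i = 0; i < sizeof KNOWN / sizeof KNOWN[0]; i++)
        if (strict ? match_whole_name(line, KNOWN[i])
                   : match_prefix_only(line, KNOWN[i]))
            return (int)i;
    return -1;
}

int main(void)
{
    /* Constructed sample property lines, not taken from a real font. */
    const char *lines[] = { "FONT_ASCENT 14", "FONT_ASCENT_EXTRA \"x\"",
                            "FONT_ASCENT", "FONT_ASC 3" };
    for (size_t i = 0; i < sizeof lines / sizeof lines[0]; i++)
        printf("%-24s prefix-only=%2d whole-name=%2d\n", lines[i],
               identify(lines[i], 0), identify(lines[i], 1));
    return 0;
}
```

The second sample line is the case that matters: the prefix-only check reports it as the known name at index 0, while the whole-name check rejects it.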