CVE-2018-18064

Published: 08 October 2018

cairo through 1.15.14 has an out-of-bounds stack-memory write during processing of a crafted document by WebKitGTK+ because of the interaction between cairo-rectangular-scan-converter.c (the generate and render_rows functions) and cairo-image-compositor.c (the _cairo_image_spans_and_zero function).

Priority

Low

CVSS 3 base score: 6.5

Status

Package Release Status
cairo
Launchpad, Ubuntu, Debian
Upstream Needs triage

Ubuntu 21.04 (Hirsute Hippo) Deferred

Ubuntu 20.04 LTS (Focal Fossa) Deferred

Ubuntu 18.04 LTS (Bionic Beaver) Deferred

Ubuntu 16.04 ESM (Xenial Xerus) Deferred

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was deferred [2020-11-26])