CVE-2019-6462
Published: 16 January 2019
An issue was discovered in cairo 1.16.0. There is an infinite loop in the function _arc_error_normalized in the file cairo-arc.c, related to _arc_max_angle_for_tolerance_normalized.
Priority
Low
CVSS 3 base score: 6.5
Status
| Package | Release | Status |
|---|---|---|
|
cairo Launchpad, Ubuntu, Debian |
Upstream |
Needs triage
|
| Ubuntu 21.04 (Hirsute Hippo) |
Deferred
|
|
| Ubuntu 20.10 (Groovy Gorilla) |
Deferred
|
|
| Ubuntu 20.04 LTS (Focal Fossa) |
Deferred
|
|
| Ubuntu 18.04 LTS (Bionic Beaver) |
Deferred
|
|
| Ubuntu 16.04 LTS (Xenial Xerus) |
Deferred
|
|
| Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
(trusty was deferred [2020-11-26])
|
Notes
| Author | Note |
|---|---|
| mdeslaur | as of 2020-11-26, no upstream fix |
References
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6462
- https://github.com/TeamSeri0us/pocs/tree/master/gerbv
- NVD
- Launchpad
- Debian