Your submission was sent successfully! Close

CVE-2022-27405

Published: 22 April 2022

FreeType commit 53dfdcd8198d2b3201a23c4bad9190519ba918db was discovered to contain a segmentation violation via the function FNT_Size_Request.

Notes

AuthorNote
rodrigo-zaiden
method that has the vulnerable code, ft_open_face_internal
was added in version 2.7.1, commit:
https://gitlab.freedesktop.org/freetype/freetype/-/commit/5743df77
and the reproducer from the issue only reproduces when the
commit from the description is included, but, I'm not sure
if it is a side-effect from this commit or not.
Priority

Low

CVSS 3 base score: 7.5

Status

Package Release Status
freetype
Launchpad, Ubuntu, Debian
bionic
Released (2.8.1-2ubuntu2.2)
focal
Released (2.10.1-2ubuntu0.2)
impish Ignored
(reached end-of-life)
jammy
Released (2.11.1+dfsg-1ubuntu0.1)
kinetic Not vulnerable
(2.12.1+dfsg-2)
trusty Not vulnerable
(code-not-present)
upstream
Released (2.11.1+dfsg-2,2.12.0)
xenial Not vulnerable
(code-not-present)
Patches:
upstream: https://gitlab.freedesktop.org/freetype/freetype/-/commit/22a0cccb4d9d002f33c1ba7a4b36812c7d4f46b5