Your submission was sent successfully! Close

CVE-2022-35023

Published: 22 September 2022

OTFCC commit 617837b was discovered to contain a segmentation violation via /lib/x86_64-linux-gnu/libc.so.6+0xbb384.

Notes

AuthorNote
sbeattie
debian claims oftccdump is not built in texlive-bin,
which is technically correct and thus not affected; however, the
underlying oftcc source files get compiled into the mflua binary,
and it's not clear from all these reports whether or not it is
affected by these fuzzing findings.
Priority

Medium

CVSS 3 base score: 6.5

Status

Package Release Status
texlive-bin
Launchpad, Ubuntu, Debian
bionic Needs triage

focal Needs triage

jammy Needs triage

trusty Ignored
(out of standard support)
upstream Needs triage

xenial Needs triage