USN-5524-1: HarfBuzz vulnerability
19 July 2022
HarfBuzz could be made to crash if it opened specially crafted data.
- harfbuzz - OpenType text shaping engine
It was discovered that HarfBuzz incorrectly handled certain glyph sizes. A
remote attacker could use this issue to cause HarfBuzz to crash, resulting
in a denial of service.