Bugzilla – Bug 916847
VUL-0: CVE-2014-9656: freetype2: integer overflow in the tt_sbit_decoder_load_image function in sfnt/ttsbit.c
Last modified: 2019-05-22 01:01:19 UTC
CVE-2014-9656 The tt_sbit_decoder_load_image function in sfnt/ttsbit.c in FreeType before 2.5.4 does not properly check for an integer overflow, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted OpenType font. References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9656 http://code.google.com/p/google-security-research/issues/detail?id=196 http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=f0292bb9920aa1dbfed5f53861e7c7a89b35833a
bugbot adjusting priority
An update workflow for this issue was started. This issue was rated as moderate. Please submit fixed packages until 2015-02-25. When done, reassign the bug to security-team@suse.de. https://swamp.suse.de/webswamp/wf/60646
SLE11 is not affected, I have not found the code in freetype2-2.3.7 and the poc file does not crash.
This is an autogenerated message for OBS integration: This bug (916847) was mentioned in https://build.opensuse.org/request/show/286989 13.2 / freetype2 https://build.opensuse.org/request/show/286990 13.1 / freetype2
SUSE-SU-2015:0455-1: An update that fixes 21 vulnerabilities is now available. Category: security (moderate) Bug References: 916847,916856,916857,916858,916859,916860,916861,916862,916863,916864,916865,916867,916868,916870,916871,916872,916873,916874,916879,916881 CVE References: CVE-2014-2240,CVE-2014-9656,CVE-2014-9657,CVE-2014-9658,CVE-2014-9659,CVE-2014-9660,CVE-2014-9661,CVE-2014-9662,CVE-2014-9663,CVE-2014-9664,CVE-2014-9665,CVE-2014-9666,CVE-2014-9667,CVE-2014-9668,CVE-2014-9669,CVE-2014-9670,CVE-2014-9671,CVE-2014-9672,CVE-2014-9673,CVE-2014-9674,CVE-2014-9675 Sources used: SUSE Linux Enterprise Software Development Kit 12 (src): freetype2-2.5.3-5.1 SUSE Linux Enterprise Server 12 (src): freetype2-2.5.3-5.1 SUSE Linux Enterprise Desktop 12 (src): freetype2-2.5.3-5.1
This is an autogenerated message for OBS integration: This bug (916847) was mentioned in https://build.opensuse.org/request/show/292048 13.2 / freetype2 https://build.opensuse.org/request/show/292049 13.1 / freetype2
released
openSUSE-SU-2015:0627-1: An update that fixes 20 vulnerabilities is now available. Category: security (moderate) Bug References: 916847,916856,916857,916858,916859,916860,916861,916862,916863,916864,916865,916867,916868,916870,916871,916872,916873,916874,916879,916881 CVE References: CVE-2014-9656,CVE-2014-9657,CVE-2014-9658,CVE-2014-9659,CVE-2014-9660,CVE-2014-9661,CVE-2014-9662,CVE-2014-9663,CVE-2014-9664,CVE-2014-9665,CVE-2014-9666,CVE-2014-9667,CVE-2014-9668,CVE-2014-9669,CVE-2014-9670,CVE-2014-9671,CVE-2014-9672,CVE-2014-9673,CVE-2014-9674,CVE-2014-9675 Sources used: openSUSE 13.2 (src): freetype2-2.5.3-2.4.1, ft2demos-2.5.3-2.4.1 openSUSE 13.1 (src): freetype2-2.5.0.1-2.4.1, ft2demos-2.5.0-2.4.1