Date: Fri, 28 Apr 2017 14:34:38 +0800 From: 李琪 <pjqruc@...il.com> To: oss-security@...ts.openwall.com Subject: CVE-2017-7475 Cairo-1.15.4 Denial-of-Service Attack due to Logical Problem in Program Hello, ## Overview I and my colleague have found a vulnerability of Cairo-1.15.4 when fuzzing HarfBuzz with AFL. Cairo is a 2d graphics library, and HarBuzz is an OpenType text shaping engine which contains a tool named *hb-view* to give a graphical view of text using Cairo with a font provided by user. Owing to logical problem in program, the crash happens during null pointer deference and the vulnerability will cause a denial-of-service attack with a crafted font file. ## Note I have reported this issue to cairo and here is the link: https://bugs.freedesktop.org/show_bug.cgi?id=100763. When I disclosure to Red Hat Product Security, they suggest me to use CVE-2017-7475 for this issue and I have communicated this number to upstream. Best Regards, -- Jiaqi Peng, Bingchang Liu @ VARAS of IIE
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.