[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    [oss-security] Invalid free in cairo_ft_apply_variations
From:       Michael Catanzaro <mcatanzaro () igalia ! com>
Date:       2018-12-07 17:19:43
Message-ID: 1544203183.3826.2 () mail ! igalia ! com
[Download RAW message or body]

Hi,

cairo 1.16.0, in cairo_ft_apply_variations() in cairo-ft-font.c frees 
memory using the wrong free function, leading to memory corruption. 
Because cairo is used by WebKitGTK+, WPE WebKit, and the WinCairo port 
of WebKit, this issue can be triggered by web content. CVE-2018-19876 
has been allocated by MITRE. For details, see:

https://gitlab.freedesktop.org/cairo/cairo/merge_requests/5

We recommend Linux distros should patch cairo because the fix has not 
yet been integrated into the upstream source code repository:

https://gitlab.freedesktop.org/cairo/cairo/merge_requests/5.patch
(warning: link provided for convenience, it is not a stable link)

Michael

[prev in list] [next in list] [prev in thread] [next in thread]