oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: [Pixman] create_bits(): Cast the result of height * stride to size_t

From: cve-assign () mitre org
Date: Wed, 24 Feb 2016 10:55:24 -0500 (EST)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256


There is an (old) integer overflow in create_bits in the pixman library.



https://web.archive.org/web/20141227044037/http://lists.freedesktop.org/archives/pixman/2014-April/003244.html
https://bugzilla.redhat.com/show_bug.cgi?id=972647


Use CVE-2014-9766.


003244.html has this linked discussion, which is not part of the
definition of the CVE-2014-9766 ID:

  https://bugs.freedesktop.org/show_bug.cgi?id=69014
  https://lists.freedesktop.org/archives/pixman/2013-September/002915.html
  https://bugs.freedesktop.org/attachment.cgi?id=85448

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJWzdF9AAoJEL54rhJi8gl5BlIQALu4bdEqoZE/fTlEJSOXQj2s
4ZWZYb120yISoKjK3kHfGfDtJMi/JeEkXkMTkQjulreq/wYHBHnBeGBxJBw1laae
7JtS8ULmmR8+WBd/X1ZTmfZ4VhwYcJn0utXaN7su0QK6a3YfG7DasL1Paywf1z6E
eDMXRJgDE2ml3sHTyodAFvfHbYcpMK7EQao7HJA7o49Vr0NcNJVmW+pYqu0Hq0N+
j+WilQ4eYiw1I6GgXxiQQlOKFKdnKmflOJXEJp8qMr8iokP9OX5ewN7d/007uZNA
3gCzt7tpsBACzjx/01exaUdKOFDxHB+l1vglHiC2aFlLN46U637DiJpL0OMN+soF
AYV0vRGIfxKZOSpSk4398gbX10kv2ew9uOG9UbzkRqneZmdXWqZXPMJ2eH/H2doV
hdNpt7B+6mgKQpYZZI3OrMilj5ZXfGNc4R2RSt0ViTfabn6D5gYynTrE+Jh37mgZ
phfBvReUZIP108iAgdxOOi2pLRuUYU4ayeDmQkhNQPaokoAyxkOdy7eorJC8yRD5
HJ/sL6zKuLJkfaBrsr5zbOe3DD2VqtFQ/mGp0kgAjcKpgdvFyR5IG3n0JiBS+p8c
Q/CC7tb/gFLJYR9fReUmeJJ4xIY6dzUaXRaxocWuSts8sOgwwyUEiIdDdEK3vxu2
Gew7VEXZN1T9nBktQhgY
=IpY0
-----END PGP SIGNATURE-----
Previous By Date Next
Previous By Thread Next

Current thread: