oss-sec mailing list archives
Re: [Pixman] create_bits(): Cast the result of height * stride to size_t
From: cve-assign () mitre org
Date: Wed, 24 Feb 2016 10:55:24 -0500 (EST)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
There is an (old) integer overflow in create_bits in the pixman library.
https://web.archive.org/web/20141227044037/http://lists.freedesktop.org/archives/pixman/2014-April/003244.html https://bugzilla.redhat.com/show_bug.cgi?id=972647
Use CVE-2014-9766. 003244.html has this linked discussion, which is not part of the definition of the CVE-2014-9766 ID: https://bugs.freedesktop.org/show_bug.cgi?id=69014 https://lists.freedesktop.org/archives/pixman/2013-September/002915.html https://bugs.freedesktop.org/attachment.cgi?id=85448 - -- CVE assignment team, MITRE CVE Numbering Authority M/S M300 202 Burlington Road, Bedford, MA 01730 USA [ PGP key available through http://cve.mitre.org/cve/request_id.html ] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJWzdF9AAoJEL54rhJi8gl5BlIQALu4bdEqoZE/fTlEJSOXQj2s 4ZWZYb120yISoKjK3kHfGfDtJMi/JeEkXkMTkQjulreq/wYHBHnBeGBxJBw1laae 7JtS8ULmmR8+WBd/X1ZTmfZ4VhwYcJn0utXaN7su0QK6a3YfG7DasL1Paywf1z6E eDMXRJgDE2ml3sHTyodAFvfHbYcpMK7EQao7HJA7o49Vr0NcNJVmW+pYqu0Hq0N+ j+WilQ4eYiw1I6GgXxiQQlOKFKdnKmflOJXEJp8qMr8iokP9OX5ewN7d/007uZNA 3gCzt7tpsBACzjx/01exaUdKOFDxHB+l1vglHiC2aFlLN46U637DiJpL0OMN+soF AYV0vRGIfxKZOSpSk4398gbX10kv2ew9uOG9UbzkRqneZmdXWqZXPMJ2eH/H2doV hdNpt7B+6mgKQpYZZI3OrMilj5ZXfGNc4R2RSt0ViTfabn6D5gYynTrE+Jh37mgZ phfBvReUZIP108iAgdxOOi2pLRuUYU4ayeDmQkhNQPaokoAyxkOdy7eorJC8yRD5 HJ/sL6zKuLJkfaBrsr5zbOe3DD2VqtFQ/mGp0kgAjcKpgdvFyR5IG3n0JiBS+p8c Q/CC7tb/gFLJYR9fReUmeJJ4xIY6dzUaXRaxocWuSts8sOgwwyUEiIdDdEK3vxu2 Gew7VEXZN1T9nBktQhgY =IpY0 -----END PGP SIGNATURE-----
Current thread:
- [Pixman] create_bits(): Cast the result of height * stride to size_t Gustavo Grieco (Feb 24)
- Re: [Pixman] create_bits(): Cast the result of height * stride to size_t cve-assign (Feb 24)
- Re: [Pixman] create_bits(): Cast the result of height * stride to size_t Alan Coopersmith (Feb 25)