ALT-PU-2022-3188-1
Closed vulnerabilities
Published: 2022-11-03
BDU:2022-06667
Уязвимость функции rasterize_edges_8 библиотеки Pixman, позволяющая нарушителю выполнить произвольный код
Severity: HIGH (8.8)
Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
References:
Published: 2022-11-03
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2022-44638
In libpixman in Pixman before 0.42.2, there is an out-of-bounds write (aka heap-based buffer overflow) in rasterize_edges_8 due to an integer overflow in pixman_sample_floor_y.
Severity: HIGH (8.8)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
References:
- http://packetstormsecurity.com/files/170121/pixman-pixman_sample_floor_y-Integer-Overflow.html
- http://packetstormsecurity.com/files/170121/pixman-pixman_sample_floor_y-Integer-Overflow.html
- [oss-security] 20221104 Fwd: [ANNOUNCE] pixman release 0.42.2 now available
- [oss-security] 20221104 Fwd: [ANNOUNCE] pixman release 0.42.2 now available
- https://gitlab.freedesktop.org/pixman/pixman/-/issues/63
- https://gitlab.freedesktop.org/pixman/pixman/-/issues/63
- [debian-lts-announce] 20221107 [SECURITY] [DLA 3179-1] pixman security update
- [debian-lts-announce] 20221107 [SECURITY] [DLA 3179-1] pixman security update
- FEDORA-2022-3cf0e7ebc7
- FEDORA-2022-3cf0e7ebc7
- FEDORA-2022-ae2559a8f4
- FEDORA-2022-ae2559a8f4
- FEDORA-2022-f3a939e960
- FEDORA-2022-f3a939e960
- DSA-5276
- DSA-5276