Home

CVE-2017-11464

Description

A SIGFPE is raised in the function box_blur_line of rsvg-filter.c in GNOME librsvg 2.40.17 during an attempted parse of a crafted SVG file, because of incorrect protection against division by zero.

Risk Information

Base Score
7.8
MODERATE
Vector
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.267

Associated Vulnerability

VulnerabilityOS Platform
SUSE-SU-2017:2117-1(SUSE Linux Enterprise Desktop 12-SP2 ) gdk-pixbuf-loader-rsvg-2.40.18-5.3.1.x86_64.rpmLinux
SUSE-SU-2017:2117-1(SUSE Linux Enterprise Desktop 12-SP2 ) gdk-pixbuf-loader-rsvg-debuginfo-2.40.18-5.3.1.x86_64.rpmLinux
SUSE-SU-2017:2117-1(SUSE Linux Enterprise Desktop 12-SP2 ) librsvg-2-2-2.40.18-5.3.1.x86_64.rpmLinux
SUSE-SU-2017:2117-1(SUSE Linux Enterprise Desktop 12-SP2 ) librsvg-2-2-32bit-2.40.18-5.3.1.x86_64.rpmLinux
SUSE-SU-2017:2117-1(SUSE Linux Enterprise Desktop 12-SP2 ) librsvg-2-2-debuginfo-2.40.18-5.3.1.x86_64.rpmLinux
SUSE-SU-2017:2117-1(SUSE Linux Enterprise Desktop 12-SP2 ) librsvg-2-2-debuginfo-32bit-2.40.18-5.3.1.x86_64.rpmLinux
SUSE-SU-2017:2117-1(SUSE Linux Enterprise Desktop 12-SP2 ) librsvg-debugsource-2.40.18-5.3.1.x86_64.rpmLinux
SUSE-SU-2017:2117-1(SUSE Linux Enterprise Desktop 12-SP2 ) rsvg-view-2.40.18-5.3.1.x86_64.rpmLinux
SUSE-SU-2017:2117-1(SUSE Linux Enterprise Desktop 12-SP2 ) rsvg-view-debuginfo-2.40.18-5.3.1.x86_64.rpmLinux
renderer library for SVG files (USN-4436-1) librsvg2-2_2.40.13-3ubuntu0.1_i386.debLinux
renderer library for SVG files (USN-4436-1) librsvg2-2_2.40.13-3ubuntu0.1_amd64.debLinux
renderer library for SVG files (USN-4436-1) librsvg2-2_2.40.20-2ubuntu0.1_i386.debLinux
renderer library for SVG files (USN-4436-1) librsvg2-2_2.40.20-2ubuntu0.1_amd64.debLinux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234