CVE-2022-27406
Description
FreeType commit 22a0cccb4d9d002f33c1ba7a4b36812c7d4f46b5 was discovered to contain a segmentation violation via the function FT_Request_Size.
Risk Information
Base Score
7.5
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
0.152
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| FreeType 2 is a font engine library (USN-5528-1) libfreetype6_2.8.1-2ubuntu2.2_i386.deb | Linux |
| FreeType 2 is a font engine library (USN-5528-1) libfreetype6_2.8.1-2ubuntu2.2_amd64.deb | Linux |
| FreeType 2 is a font engine library (USN-5528-1) libfreetype6_2.10.1-2ubuntu0.2_i386.deb | Linux |
| FreeType 2 is a font engine library (USN-5528-1) libfreetype6_2.10.1-2ubuntu0.2_amd64.deb | Linux |
| FreeType 2 is a font engine library (USN-5528-1) libfreetype6_2.11.1+dfsg-1ubuntu0.1_i386.deb | Linux |
| FreeType 2 is a font engine library (USN-5528-1) libfreetype6_2.11.1+dfsg-1ubuntu0.1_amd64.deb | Linux |
| (RHSA-2022:7745) freetype security update freetype-2.9.1-9.el8.i686.rpm | Linux |
| (RHSA-2022:7745) freetype security update freetype-2.9.1-9.el8.x86_64.rpm | Linux |
| (RHSA-2022:7745) freetype security update freetype-debugsource-2.9.1-9.el8.i686.rpm | Linux |
| (RHSA-2022:7745) freetype security update freetype-debugsource-2.9.1-9.el8.x86_64.rpm | Linux |
| (RHSA-2022:7745) freetype security update freetype-devel-2.9.1-9.el8.i686.rpm | Linux |
| (RHSA-2022:7745) freetype security update freetype-devel-2.9.1-9.el8.x86_64.rpm | Linux |
| (RHSA-2022:8340) freetype security update freetype-2.10.4-9.el9.i686.rpm | Linux |
| (RHSA-2022:8340) freetype security update freetype-2.10.4-9.el9.x86_64.rpm | Linux |
| (RHSA-2022:8340) freetype security update freetype-debugsource-2.10.4-9.el9.i686.rpm | Linux |
| (RHSA-2022:8340) freetype security update freetype-debugsource-2.10.4-9.el9.x86_64.rpm | Linux |
| (RHSA-2022:8340) freetype security update freetype-devel-2.10.4-9.el9.i686.rpm | Linux |
| (RHSA-2022:8340) freetype security update freetype-devel-2.10.4-9.el9.x86_64.rpm | Linux |
| freetype security update (RLSA-2022:7745) freetype-2.9.1-9.el8.i686.rpm | Linux |
| freetype security update (RLSA-2022:7745) freetype-2.9.1-9.el8.x86_64.rpm | Linux |
| freetype security update (RLSA-2022:7745) freetype-devel-2.9.1-9.el8.i686.rpm | Linux |
| freetype security update (RLSA-2022:7745) freetype-devel-2.9.1-9.el8.x86_64.rpm | Linux |
| freetype security update (RLSA-2022:8340) freetype-2.10.4-9.el9.i686.rpm | Linux |
| freetype security update (RLSA-2022:8340) freetype-2.10.4-9.el9.x86_64.rpm | Linux |
| freetype security update (RLSA-2022:8340) freetype-devel-2.10.4-9.el9.i686.rpm | Linux |
| freetype security update (RLSA-2022:8340) freetype-devel-2.10.4-9.el9.x86_64.rpm | Linux |
| SUSE-SU-2022:3252-1(SUSE Linux Enterprise Module for Basesystem 15-SP3 ) libfreetype6-2.10.4-150000.4.12.1.x86_64_15_SP3.rpm | Linux |
| SUSE-SU-2022:3252-1(SUSE Linux Enterprise Module for Basesystem 15-SP3 ) freetype2-devel-2.10.4-150000.4.12.1.x86_64_15_SP3.rpm | Linux |
| SUSE-SU-2022:3252-1(SUSE Linux Enterprise Module for Basesystem 15-SP3 ) libfreetype6-32bit-2.10.4-150000.4.12.1.x86_64_15_SP3.rpm | Linux |
| (RHSA-2022:7745)Moderate: security update freetype-debuginfo-2.9.1-9.el8.i686.rpm | Linux |
| (RHSA-2022:7745)Moderate: security update freetype-debuginfo-2.9.1-9.el8.x86_64.rpm | Linux |
| (RHSA-2022:7745)Moderate: security update freetype-demos-debuginfo-2.9.1-9.el8.i686.rpm | Linux |
| (RHSA-2022:7745)Moderate: security update freetype-demos-debuginfo-2.9.1-9.el8.x86_64.rpm | Linux |
| Freetype update (ELSA-2022-7745) freetype-2.9.1-9.el8.i686.rpm | Linux |
| Freetype update (ELSA-2022-7745) freetype-2.9.1-9.el8.x86_64.rpm | Linux |
| Freetype-devel update (ELSA-2022-7745) freetype-devel-2.9.1-9.el8.i686.rpm | Linux |
| Freetype-devel update (ELSA-2022-7745) freetype-devel-2.9.1-9.el8.x86_64.rpm | Linux |
| Freetype update (ELSA-2022-8340) freetype-2.10.4-9.el9.i686.rpm | Linux |
| Freetype update (ELSA-2022-8340) freetype-2.10.4-9.el9.x86_64.rpm | Linux |
| Freetype-devel update (ELSA-2022-8340) freetype-devel-2.10.4-9.el9.i686.rpm | Linux |
| Freetype-devel update (ELSA-2022-8340) freetype-devel-2.10.4-9.el9.x86_64.rpm | Linux |
| freetype Security Update (ALAS-2023-188) freetype-2.13.0-2.amzn2023.0.1.x86_64.rpm | Linux |
| freetype Security Update (ALAS-2023-188) freetype-demos-2.13.0-2.amzn2023.0.1.x86_64.rpm | Linux |
| freetype Security Update (ALAS-2023-188) freetype-devel-2.13.0-2.amzn2023.0.1.x86_64.rpm | Linux |
| freetype Security Update (ALAS-2023-1909) freetype-2.8-14.amzn2.1.1.i686.rpm | Linux |
| freetype Security Update (ALAS-2023-1909) freetype-2.8-14.amzn2.1.1.x86_64.rpm | Linux |
| freetype Security Update (ALAS-2023-1909) freetype-demos-2.8-14.amzn2.1.1.x86_64.rpm | Linux |
| freetype Security Update (ALAS-2023-1909) freetype-devel-2.8-14.amzn2.1.1.x86_64.rpm | Linux |
| Moderate: freetype security update freetype-2.10.4-9.el9.i686.rpm | Linux |
| Moderate: freetype security update freetype-2.10.4-9.el9.x86_64.rpm | Linux |
| Moderate: freetype security update freetype-devel-2.10.4-9.el9.i686.rpm | Linux |
| Moderate: freetype security update freetype-devel-2.10.4-9.el9.x86_64.rpm | Linux |
| freetype Security Update (ALAS2023-2023-074) freetype-2.12.1-3.amzn2023.0.1.x86_64.rpm | Linux |
| freetype Security Update (ALAS2023-2023-074) freetype-demos-2.12.1-3.amzn2023.0.1.x86_64.rpm | Linux |
| freetype Security Update (ALAS2023-2023-074) freetype-devel-2.12.1-3.amzn2023.0.1.x86_64.rpm | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234