CVE-2011-3146 — Librsvg vulnerability

8 documents7 sources

Severity

6.8MEDIUMNVD

EPSS

3.4%

top 12.50%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Gnome Librsvg Debian Librsvg

Timeline

PublishedSep 5

Latest updateMay 17

Description

librsvg before 2.34.1 uses the node name to identify the type of node, which allows context-dependent attackers to cause a denial of service (NULL pointer dereference) and possibly execute arbitrary code via a SVG file with a node with the element name starting with "fe," which is misidentified as a RsvgFilterPrimitive.

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 8.6 | Impact: 6.4

Affected Packages3 packages

▶debiandebian/librsvg< librsvg 2.34.1-1 (bookworm)

▶Debiangnome/librsvg< 2.34.1-1+3

▶NVDgnome/librsvg2.34.0

Patches

Patch: git.gnome.org ↗Patch: git.gnome.org ↗

🔴Vulnerability Details

GHSA

GHSA-x9rw-3x6c-c4h9: librsvg before 2↗2022-05-17

▶

OSV

CVE-2011-3146: librsvg before 2↗2012-09-05

▶

📋Vendor Advisories

Ubuntu

librsvg vulnerability↗2011-09-13

▶

Red Hat

librsvg: object type mismatch leading to invalid pointer dereference↗2011-09-06

▶

Debian

CVE-2011-3146: librsvg - librsvg before 2.34.1 uses the node name to identify the type of node, which all...↗2011

▶

💬Community

Bugzilla

CVE-2011-3146 librsvg: NULL pointer dereference flaw [fedora-all]↗2011-09-07

▶

Bugzilla

CVE-2011-3146 librsvg: object type mismatch leading to invalid pointer dereference↗2011-08-31

▶