CVE-2016-6163
published 2017-02-03CVE-2016-6163: The rsvg_pattern_fix_fallback function in rsvg-paint_server.c in librsvg2 2.40.2 allows remote attackers to cause a denial of service (out-of-bounds read) via…
PriorityP418medium5.5CVSS 3.0
AVLACLPRNUIRSUCNINAH
EPSS
1.39%
68.9th percentile
The rsvg_pattern_fix_fallback function in rsvg-paint_server.c in librsvg2 2.40.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted svg file.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | librsvg | < librsvg 2.40.9-2 (bookworm) | librsvg 2.40.9-2 (bookworm) |
| gnome | librsvg | — | — |
| gnome | librsvg | >= 0 < 2.40.9-2 | 2.40.9-2 |
| gnome | librsvg | >= 0 < 2.40.9-2 | 2.40.9-2 |
| gnome | librsvg | >= 0 < 2.40.9-2 | 2.40.9-2 |
| gnome | librsvg | >= 0 < 2.40.9-2 | 2.40.9-2 |
CVSS provenance
nvdv3.05.5MEDIUMCVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:N/I:N/A:P
osv5.5MEDIUM
vendor_debian5.5MEDIUM
vendor_redhat5.5MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Red Hat
librsvg2: Out-of-bounds read when processing crafted SVG file
vendor_redhat·2016-07-04·CVSS 5.5
CVE-2016-6163 [MEDIUM] CWE-125 librsvg2: Out-of-bounds read when processing crafted SVG file
librsvg2: Out-of-bounds read when processing crafted SVG file
The rsvg_pattern_fix_fallback function in rsvg-paint_server.c in librsvg2 2.40.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted svg file.
Package: librsvg2 (Red Hat Enterprise Linux 5) - Not affected
Package: librsvg2 (Red Hat Enterprise Linux 6) - Will not fix
Package: librsvg2 (Red Hat Enterprise Linux 7) - Will not fix
Debian
CVE-2016-6163: librsvg - The rsvg_pattern_fix_fallback function in rsvg-paint_server.c in librsvg2 2.40.2...
vendor_debian·2016·CVSS 5.5
CVE-2016-6163 [MEDIUM] CVE-2016-6163: librsvg - The rsvg_pattern_fix_fallback function in rsvg-paint_server.c in librsvg2 2.40.2...
The rsvg_pattern_fix_fallback function in rsvg-paint_server.c in librsvg2 2.40.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted svg file.
Scope: local
bookworm: resolved (fixed in 2.40.9-2)
bullseye: resolved (fixed in 2.40.9-2)
forky: resolved (fixed in 2.40.9-2)
sid: resolved (fixed in 2.40.9-2)
trixie: resolved (fixed in 2.40.9-2)
GHSA
GHSA-j5fp-32j6-2xmr: The rsvg_pattern_fix_fallback function in rsvg-paint_server
ghsa_unreviewed·2022-05-17
CVE-2016-6163 [MEDIUM] CWE-125 GHSA-j5fp-32j6-2xmr: The rsvg_pattern_fix_fallback function in rsvg-paint_server
The rsvg_pattern_fix_fallback function in rsvg-paint_server.c in librsvg2 2.40.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted svg file.
OSV
CVE-2016-6163: The rsvg_pattern_fix_fallback function in rsvg-paint_server
osv·2017-02-03·CVSS 5.5
CVE-2016-6163 [MEDIUM] CVE-2016-6163: The rsvg_pattern_fix_fallback function in rsvg-paint_server
The rsvg_pattern_fix_fallback function in rsvg-paint_server.c in librsvg2 2.40.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted svg file.
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2016-6163 librsvg2: Out-of-bounds read when processing crafted SVG file
bugzilla·2016-07-07·CVSS 5.5
CVE-2016-6163 [MEDIUM] CVE-2016-6163 librsvg2: Out-of-bounds read when processing crafted SVG file
CVE-2016-6163 librsvg2: Out-of-bounds read when processing crafted SVG file
An out-of-bounds read vulnerability that leads to segmentation fault was found in librsvg2 when processing specially crafted SVG file using Firefox.
CVE request (contains reproducer):
http://seclists.org/oss-sec/2016/q3/7
Upstream patch:
https://git.gnome.org/browse/librsvg/commit/?id=0035e95118a60c0cd3949c2300472d805e16a022
Discussion:
Fedora 24, package librsvg2, is not vulnerable because it currently has librsvg2-2.40.15-1.fc24 in stable
---
Created librsvg2 tracking bugs for this issue:
Affects: fedora-all [bug 1353521]
---
Created mingw-librsvg2 tracking bugs for this issue:
Affects: fedora-all [bug 1353522]
Bugzilla
CVE-2016-6163 mingw-librsvg2: librsvg2: Out-of-bounds read when processing crafted SVG file [fedora-all]
bugzilla·2016-07-07·CVSS 5.5
CVE-2016-6163 [MEDIUM] CVE-2016-6163 mingw-librsvg2: librsvg2: Out-of-bounds read when processing crafted SVG file [fedora-all]
CVE-2016-6163 mingw-librsvg2: librsvg2: Out-of-bounds read when processing crafted SVG file [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of Fedora.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects mult
Bugzilla
CVE-2016-6163 librsvg2: Out-of-bounds read when processing crafted SVG file [fedora-all]
bugzilla·2016-07-07·CVSS 5.5
CVE-2016-6163 [MEDIUM] CVE-2016-6163 librsvg2: Out-of-bounds read when processing crafted SVG file [fedora-all]
CVE-2016-6163 librsvg2: Out-of-bounds read when processing crafted SVG file [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of Fedora.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supported v
http://www.openwall.com/lists/oss-security/2016/07/04/3http://www.openwall.com/lists/oss-security/2016/07/05/9https://bugzilla.redhat.com/show_bug.cgi?id=1353520http://www.openwall.com/lists/oss-security/2016/07/04/3http://www.openwall.com/lists/oss-security/2016/07/05/9https://bugzilla.redhat.com/show_bug.cgi?id=1353520
2017-02-03
Published