CVE-2017-11464
published 2017-07-19CVE-2017-11464: A SIGFPE is raised in the function box_blur_line of rsvg-filter.c in GNOME librsvg 2.40.17 during an attempted parse of a crafted SVG file, because of…
PriorityP432high7.8CVSS 3.0
AVLACLPRNUIRSUCHIHAH
EPSS
1.26%
66.0th percentile
A SIGFPE is raised in the function box_blur_line of rsvg-filter.c in GNOME librsvg 2.40.17 during an attempted parse of a crafted SVG file, because of incorrect protection against division by zero.
Affected
10 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | librsvg | < librsvg 2.40.18-1 (bookworm) | librsvg 2.40.18-1 (bookworm) |
| gnome | librsvg | — | — |
| gnome | librsvg | >= 0 < 2.40.18-1 | 2.40.18-1 |
| gnome | librsvg | >= 0 < 2.40.18-1 | 2.40.18-1 |
| gnome | librsvg | >= 0 < 2.40.18-1 | 2.40.18-1 |
| gnome | librsvg | >= 0 < 2.40.18-1 | 2.40.18-1 |
| gnome | librsvg | >= 0 < 2.40.13-3ubuntu0.2 | 2.40.13-3ubuntu0.2 |
| gnome | librsvg | >= 0 < 2.40.13-3ubuntu0.1 | 2.40.13-3ubuntu0.1 |
| gnome | librsvg | >= 0 < 2.40.20-2ubuntu0.2 | 2.40.20-2ubuntu0.2 |
| gnome | librsvg | >= 0 < 2.40.20-2ubuntu0.1 | 2.40.20-2ubuntu0.1 |
CVSS provenance
nvdv3.07.8HIGHCVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvdv2.06.8MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P
osv7.8HIGH
vendor_debian7.8HIGH
vendor_redhat7.8HIGH
vendor_ubuntu7.8HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-p53g-qpqr-rqmg: A SIGFPE is raised in the function box_blur_line of rsvg-filter
ghsa_unreviewed·2022-05-13
CVE-2017-11464 [HIGH] CWE-369 GHSA-p53g-qpqr-rqmg: A SIGFPE is raised in the function box_blur_line of rsvg-filter
A SIGFPE is raised in the function box_blur_line of rsvg-filter.c in GNOME librsvg 2.40.17 during an attempted parse of a crafted SVG file, because of incorrect protection against division by zero.
OSV
librsvg regression
osv·2020-07-29·CVSS 7.8
CVE-2017-11464 [HIGH] librsvg regression
librsvg regression
USN-4436-1 fixed a vulnerability in librsvg. The upstream fix caused a
regression when parsing certain SVG files. This update backs out the fix
pending further investigation.
Original advisory details:
It was discovered that librsvg incorrectly handled parsing certain SVG
files. A remote attacker could possibly use this issue to cause librsvg to
crash, resulting in a denial of service. This issue only affected Ubuntu
16.04 LTS. (CVE-2017-11464)
It was discovered that librsvg incorrectly handled parsing certain SVG
files with nested patterns. A remote attacker could possibly use this issue
to cause librsvg to consume resources and crash, resulting in a denial of
service. (CVE-2019-20446)
OSV
librsvg vulnerabilities
osv·2020-07-27·CVSS 7.8
CVE-2017-11464 [HIGH] librsvg vulnerabilities
librsvg vulnerabilities
It was discovered that librsvg incorrectly handled parsing certain SVG
files. A remote attacker could possibly use this issue to cause librsvg to
crash, resulting in a denial of service. This issue only affected Ubuntu
16.04 LTS. (CVE-2017-11464)
It was discovered that librsvg incorrectly handled parsing certain SVG
files with nested patterns. A remote attacker could possibly use this issue
to cause librsvg to consume resources and crash, resulting in a denial of
service. (CVE-2019-20446)
OSV
CVE-2017-11464: A SIGFPE is raised in the function box_blur_line of rsvg-filter
osv·2017-07-19·CVSS 7.8
CVE-2017-11464 [HIGH] CVE-2017-11464: A SIGFPE is raised in the function box_blur_line of rsvg-filter
A SIGFPE is raised in the function box_blur_line of rsvg-filter.c in GNOME librsvg 2.40.17 during an attempted parse of a crafted SVG file, because of incorrect protection against division by zero.
Ubuntu
librsvg regression
vendor_ubuntu·2020-07-29·CVSS 7.8
[HIGH] librsvg regression
Title: librsvg regression
Summary: USN-4436-1 introduced a regression in librsvg.
USN-4436-1 fixed a vulnerability in librsvg. The upstream fix caused a
regression when parsing certain SVG files. This update backs out the fix
pending further investigation.
Original advisory details:
It was discovered that librsvg incorrectly handled parsing certain SVG
files. A remote attacker could possibly use this issue to cause librsvg to
crash, resulting in a denial of service. This issue only affected Ubuntu
16.04 LTS. (CVE-2017-11464)
It was discovered that librsvg incorrectly handled parsing certain SVG
files with nested patterns. A remote attacker could possibly use this issue
to cause librsvg to consume resources and crash, resulting in a denial of
service. (CVE-2019-20446)
Instructions: Af
Ubuntu
librsvg vulnerabilities
vendor_ubuntu·2020-07-27·CVSS 7.8
CVE-2019-20446 [HIGH] librsvg vulnerabilities
Title: librsvg vulnerabilities
Summary: librsvg could be made to crash if it opened a specially crafted file.
It was discovered that librsvg incorrectly handled parsing certain SVG
files. A remote attacker could possibly use this issue to cause librsvg to
crash, resulting in a denial of service. This issue only affected Ubuntu
16.04 LTS. (CVE-2017-11464)
It was discovered that librsvg incorrectly handled parsing certain SVG
files with nested patterns. A remote attacker could possibly use this issue
to cause librsvg to consume resources and crash, resulting in a denial of
service. (CVE-2019-20446)
Instructions: After a standard system update you need to restart your session to make all
the necessary changes.
Red Hat
librsvg: SIGFPE is raised in box_blur_line function of rsvg-filter.c
vendor_redhat·2017-07-19·CVSS 7.8
CVE-2017-11464 [HIGH] CWE-20 librsvg: SIGFPE is raised in box_blur_line function of rsvg-filter.c
librsvg: SIGFPE is raised in box_blur_line function of rsvg-filter.c
A SIGFPE is raised in the function box_blur_line of rsvg-filter.c in GNOME librsvg 2.40.17 during an attempted parse of a crafted SVG file, because of incorrect protection against division by zero.
Package: librsvg2 (Red Hat Enterprise Linux 5) - Will not fix
Package: librsvg2 (Red Hat Enterprise Linux 6) - Will not fix
Package: librsvg2 (Red Hat Enterprise Linux 7) - Will not fix
Debian
CVE-2017-11464: librsvg - A SIGFPE is raised in the function box_blur_line of rsvg-filter.c in GNOME librs...
vendor_debian·2017·CVSS 7.8
CVE-2017-11464 [HIGH] CVE-2017-11464: librsvg - A SIGFPE is raised in the function box_blur_line of rsvg-filter.c in GNOME librs...
A SIGFPE is raised in the function box_blur_line of rsvg-filter.c in GNOME librsvg 2.40.17 during an attempted parse of a crafted SVG file, because of incorrect protection against division by zero.
Scope: local
bookworm: resolved (fixed in 2.40.18-1)
bullseye: resolved (fixed in 2.40.18-1)
forky: resolved (fixed in 2.40.18-1)
sid: resolved (fixed in 2.40.18-1)
trixie: resolved (fixed in 2.40.18-1)
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2017-11464 librsvg2: librsvg: SIGFPE is raised in box_blur_line function of rsvg-filter.c [fedora-all]
bugzilla·2017-07-24·CVSS 7.8
CVE-2017-11464 [HIGH] CVE-2017-11464 librsvg2: librsvg: SIGFPE is raised in box_blur_line function of rsvg-filter.c [fedora-all]
CVE-2017-11464 librsvg2: librsvg: SIGFPE is raised in box_blur_line function of rsvg-filter.c [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affect
Bugzilla
CVE-2017-11464 mingw-librsvg2: librsvg: SIGFPE is raised in box_blur_line function of rsvg-filter.c [fedora-all]
bugzilla·2017-07-24·CVSS 7.8
CVE-2017-11464 [HIGH] CVE-2017-11464 mingw-librsvg2: librsvg: SIGFPE is raised in box_blur_line function of rsvg-filter.c [fedora-all]
CVE-2017-11464 mingw-librsvg2: librsvg: SIGFPE is raised in box_blur_line function of rsvg-filter.c [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue
Bugzilla
CVE-2017-11464 librsvg: SIGFPE is raised in box_blur_line function of rsvg-filter.c
bugzilla·2017-07-24·CVSS 7.8
CVE-2017-11464 [HIGH] CVE-2017-11464 librsvg: SIGFPE is raised in box_blur_line function of rsvg-filter.c
CVE-2017-11464 librsvg: SIGFPE is raised in box_blur_line function of rsvg-filter.c
A SIGFPE is raised in the function box_blur_line of rsvg-filter.c in GNOME librsvg 2.40.17 during an attempted parse of a crafted SVG file, because of incorrect protection against division by zero.
Upstream bug:
https://bugzilla.gnome.org/show_bug.cgi?id=783835
Upstream patch:
https://git.gnome.org/browse/librsvg/commit/?id=ecf9267a24b2c3c0cd211dbdfa9ef2232511972a
https://github.com/GNOME/librsvg/commit/ecf9267a24b2c3c0cd211dbdfa9ef2232511972a
Discussion:
Created librsvg2 tracking bugs for this issue:
Affects: fedora-all [bug 1474401]
Created mingw-librsvg2 tracking bugs for this issue:
Affects: fedora-all [bug 1474402]
http://www.securityfocus.com/bid/99956https://bugzilla.gnome.org/show_bug.cgi?id=783835https://git.gnome.org/browse/librsvg/commit/?id=ecf9267a24b2c3c0cd211dbdfa9ef2232511972ahttps://github.com/GNOME/librsvg/commit/ecf9267a24b2c3c0cd211dbdfa9ef2232511972ahttps://lists.debian.org/debian-lts-announce/2020/07/msg00016.htmlhttps://usn.ubuntu.com/4436-1/http://www.securityfocus.com/bid/99956https://bugzilla.gnome.org/show_bug.cgi?id=783835https://git.gnome.org/browse/librsvg/commit/?id=ecf9267a24b2c3c0cd211dbdfa9ef2232511972ahttps://github.com/GNOME/librsvg/commit/ecf9267a24b2c3c0cd211dbdfa9ef2232511972ahttps://lists.debian.org/debian-lts-announce/2020/07/msg00016.htmlhttps://usn.ubuntu.com/4436-1/
2017-07-19
Published