CVE-2018-18064 — Out-of-bounds Write in Cairo

CWE-787 — Out-of-bounds Write CWE-121 — Stack-based Buffer Overflow9 documents6 sources

Severity

6.5MEDIUMNVD

EPSS

0.5%

top 33.56%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cairographics Cairo Debian Cairo

Timeline

PublishedOct 8

Latest updateMay 13

Description

cairo through 1.15.14 has an out-of-bounds stack-memory write during processing of a crafted document by WebKitGTK+ because of the interaction between cairo-rectangular-scan-converter.c (the generate and render_rows functions) and cairo-image-compositor.c (the _cairo_image_spans_and_zero function).

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages2 packages

▶NVDcairographics/cairo1.15.14

▶debiandebian/cairo

🔴Vulnerability Details

GHSA

GHSA-8wp2-6325-3w3v: cairo through 1↗2022-05-13

▶

OSV

CVE-2018-18064: cairo through 1↗2018-10-08

▶

📋Vendor Advisories

Red Hat

cairo: Stack-based buffer overflow via parsing of crafted WebKitGTK+ document↗2018-10-08

▶

Debian

CVE-2018-18064: cairo - cairo through 1.15.14 has an out-of-bounds stack-memory write during processing ...↗2018

▶

💬Community

Bugzilla

CVE-2018-18064 mingw-cairo: cairo: Stack-based buffer overflow via parsing of crafted WebKitGTK+ document [epel-7]↗2018-10-10

▶

Bugzilla

CVE-2018-18064 cairo: Stack-based buffer overflow via parsing of crafted WebKitGTK+ document↗2018-10-10

▶

Bugzilla

CVE-2018-18064 mingw-cairo: cairo: Stack-based buffer overflow via parsing of crafted WebKitGTK+ document [fedora-all]↗2018-10-10

▶

Bugzilla

CVE-2018-18064 cairo: Stack-based buffer overflow via parsing of crafted WebKitGTK+ document [fedora-all]↗2018-10-10

▶