CVE-2018-19876Use After Free in Cairo

CWE-416Use After Free10 documents7 sources
Severity
6.5MEDIUMNVD
EPSS
0.3%
top 46.39%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
5
Cairographics CairoDebian CairoMsrc CBL Mariner 1.0 ARM+2 more
Timeline
PublishedDec 5
Latest updateMay 14

Description

cairo 1.16.0, in cairo_ft_apply_variations() in cairo-ft-font.c, would free memory using a free function incompatible with WebKit's fastMalloc, leading to an application crash with a "free(): invalid pointer" error.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages6 packages

debiandebian/cairo< cairo 1.16.0-4 (bookworm)
Debiancairographics/cairo< 1.16.0-4+3

Patches

Patch: bugs.webkit.orgPatch: gitlab.freedesktop.orgPatch: bugs.webkit.org

🔴Vulnerability Details

2
GHSA
GHSA-m5xr-7jg3-vh46: cairo 12022-05-14
OSV
CVE-2018-19876: cairo 12018-12-05

📋Vendor Advisories

3
Microsoft
cairo 1.16.0 in cairo_ft_apply_variations() in cairo-ft-font.c would free memory using a free function incompatible with WebKit's fastMalloc leading to an application crash with a "free(): invalid poi2018-12-11
Red Hat
cairo: Invalid free in cairo_ft_apply_variations() resulting in a denial of service2018-11-13
Debian
CVE-2018-19876: cairo - cairo 1.16.0, in cairo_ft_apply_variations() in cairo-ft-font.c, would free memo...2018

💬Community

4
Bugzilla
CVE-2018-19876 cairo: Invalid free in cairo_ft_apply_variations() resulting in a denial of service [fedora-all]2018-12-21
Bugzilla
CVE-2018-19876 mingw-cairo: cairo: Invalid free in cairo_ft_apply_variations() resulting in a denial of service [fedora-all]2018-12-21
Bugzilla
CVE-2018-19876 mingw-cairo: cairo: Invalid free in cairo_ft_apply_variations() resulting in a denial of service [epel-7]2018-12-21
Bugzilla
CVE-2018-19876 cairo: Invalid free in cairo_ft_apply_variations() resulting in a denial of service2018-12-21