Bug 916867 - (CVE-2014-9659) VUL-0: CVE-2014-9659: freetype2: stack-based buffer overflow in cff/cf2intrp.c in the CFF CharString interpreter
(CVE-2014-9659)
VUL-0: CVE-2014-9659: freetype2: stack-based buffer overflow in cff/cf2intrp....
Status: RESOLVED FIXED
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P3 - Medium : Normal
: ---
Assigned To: Vladimir Nadvornik
Security Team bot
https://smash.suse.de/issue/113635/
CVSSv2:RedHat:CVE-2014-9659:6.8:(AV:N...
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2015-02-09 10:56 UTC by Johannes Segitz
Modified: 2019-05-22 01:02 UTC (History)
1 user (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Johannes Segitz 2015-02-09 10:56:49 UTC
CVE-2014-9659

cff/cf2intrp.c in the CFF CharString interpreter in FreeType before 2.5.4
proceeds with additional hints after the hint mask has been computed, which
allows remote attackers to execute arbitrary code or cause a denial of service
(stack-based buffer overflow) via a crafted OpenType font.  NOTE: this
vulnerability exists because of an incomplete fix for CVE-2014-2240.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9659
http://code.google.com/p/google-security-research/issues/detail?id=190
http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=2cdc4562f873237f1c77d43540537c7a721d3fd8
Comment 1 Swamp Workflow Management 2015-02-09 23:03:04 UTC
bugbot adjusting priority
Comment 2 Swamp Workflow Management 2015-02-11 08:46:13 UTC
An update workflow for this issue was started.
This issue was rated as moderate.
Please submit fixed packages until 2015-02-25.
When done, reassign the bug to security-team@suse.de.
https://swamp.suse.de/webswamp/wf/60646
Comment 4 Bernhard Wiedemann 2015-02-20 15:00:47 UTC
This is an autogenerated message for OBS integration:
This bug (916867) was mentioned in
https://build.opensuse.org/request/show/286989 13.2 / freetype2
https://build.opensuse.org/request/show/286990 13.1 / freetype2
Comment 6 Swamp Workflow Management 2015-03-10 14:07:50 UTC
SUSE-SU-2015:0455-1: An update that fixes 21 vulnerabilities is now available.

Category: security (moderate)
Bug References: 916847,916856,916857,916858,916859,916860,916861,916862,916863,916864,916865,916867,916868,916870,916871,916872,916873,916874,916879,916881
CVE References: CVE-2014-2240,CVE-2014-9656,CVE-2014-9657,CVE-2014-9658,CVE-2014-9659,CVE-2014-9660,CVE-2014-9661,CVE-2014-9662,CVE-2014-9663,CVE-2014-9664,CVE-2014-9665,CVE-2014-9666,CVE-2014-9667,CVE-2014-9668,CVE-2014-9669,CVE-2014-9670,CVE-2014-9671,CVE-2014-9672,CVE-2014-9673,CVE-2014-9674,CVE-2014-9675
Sources used:
SUSE Linux Enterprise Software Development Kit 12 (src):    freetype2-2.5.3-5.1
SUSE Linux Enterprise Server 12 (src):    freetype2-2.5.3-5.1
SUSE Linux Enterprise Desktop 12 (src):    freetype2-2.5.3-5.1
Comment 7 Bernhard Wiedemann 2015-03-20 16:00:47 UTC
This is an autogenerated message for OBS integration:
This bug (916867) was mentioned in
https://build.opensuse.org/request/show/292048 13.2 / freetype2
https://build.opensuse.org/request/show/292049 13.1 / freetype2
Comment 8 Marcus Meissner 2015-03-30 14:42:03 UTC
erlease3d
Comment 9 Swamp Workflow Management 2015-03-30 15:07:06 UTC
openSUSE-SU-2015:0627-1: An update that fixes 20 vulnerabilities is now available.

Category: security (moderate)
Bug References: 916847,916856,916857,916858,916859,916860,916861,916862,916863,916864,916865,916867,916868,916870,916871,916872,916873,916874,916879,916881
CVE References: CVE-2014-9656,CVE-2014-9657,CVE-2014-9658,CVE-2014-9659,CVE-2014-9660,CVE-2014-9661,CVE-2014-9662,CVE-2014-9663,CVE-2014-9664,CVE-2014-9665,CVE-2014-9666,CVE-2014-9667,CVE-2014-9668,CVE-2014-9669,CVE-2014-9670,CVE-2014-9671,CVE-2014-9672,CVE-2014-9673,CVE-2014-9674,CVE-2014-9675
Sources used:
openSUSE 13.2 (src):    freetype2-2.5.3-2.4.1, ft2demos-2.5.3-2.4.1
openSUSE 13.1 (src):    freetype2-2.5.0.1-2.4.1, ft2demos-2.5.0-2.4.1