CVE-2017-8105

FreeType 2 before 2017-03-24 has an out-of-bounds write caused by a heap-based buffer overflow related to the t1_decoder_parse_charstrings function in psaux/t1decode.c.
Provider: NIST
Type: Primary
Base Score: 9.8 CRITICAL
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Percentile: 76%

Affected Products (NVD)
Vendor: freetype, Product: freetype, Version: 𝑥 < 2.7.1
Vendor: debian, Product: debian_linux, Version: 8.0
𝑥 = Vulnerable software versions

Debian Releases
Product: freetype
bookworm: 2.12.1+dfsg-5+deb12u3 (fixed)
bullseye: 2.10.4+dfsg-1+deb11u1 (fixed)
sid: 2.13.3+dfsg-1 (fixed)
trixie: 2.13.3+dfsg-1 (fixed)

Ubuntu Releases
Product: freetype
precise: ignored
trusty: Fixed 2.5.2-1ubuntu2.8 (released)
xenial: Fixed 2.6.1-0.1ubuntu2.3 (released)
yakkety: Fixed 2.6.3-3ubuntu1.3 (released)
zesty: Fixed 2.6.3-3ubuntu2.2 (released)

openSUSE / SLES Releases
Product: freetype2-devel
suse enterprise desktop 15: 2.9-2.13 (fixed)
suse enterprise desktop 15 SP1: 2.9-2.13 (fixed)
suse enterprise desktop 15 SP2: 2.10.1-4.3.1 (fixed)
suse enterprise desktop 15 SP3: 2.10.1-4.8.1 (fixed)
suse enterprise desktop 15 SP4: 2.10.1-4.8.1 (fixed)
suse enterprise desktop 15 SP5: 2.10.4-150000.4.12.1 (fixed)
suse enterprise desktop 15 SP6: 2.10.4-150000.4.15.1 (fixed)
suse enterprise desktop 15 SP7: 2.10.4-150000.4.22.1 (fixed)
suse enterprise sap 15: 2.9-2.13 (fixed)
suse enterprise sap 15 SP1: 2.9-2.13 (fixed)
suse enterprise sap 15 SP2: 2.10.1-4.3.1 (fixed)
suse enterprise sap 15 SP3: 2.10.1-4.8.1 (fixed)
suse enterprise sap 15 SP4: 2.10.1-4.8.1 (fixed)
suse enterprise sap 15 SP5: 2.10.4-150000.4.12.1 (fixed)
suse enterprise sap 15 SP6: 2.10.4-150000.4.15.1 (fixed)
suse enterprise sap 15 SP7: 2.10.4-150000.4.22.1 (fixed)
suse enterprise server 15: 2.9-2.13 (fixed)
suse enterprise server 15 SP1: 2.9-2.13 (fixed)
suse enterprise server 15 SP2: 2.10.1-4.3.1 (fixed)
suse enterprise server 15 SP3: 2.10.1-4.8.1 (fixed)
suse enterprise server 15 SP4: 2.10.1-4.8.1 (fixed)
suse enterprise server 15 SP5: 2.10.4-150000.4.12.1 (fixed)
suse enterprise server 15 SP6: 2.10.4-150000.4.15.1 (fixed)
suse enterprise server 15 SP7: 2.10.4-150000.4.22.1 (fixed)

Product: ft2demos
suse enterprise sap 12 SP2: 2.6.3-7.15.1 (fixed)
suse enterprise sap 12 SP3: 2.6.3-7.15.1 (fixed)
suse enterprise server 12 SP2: 2.6.3-7.15.1 (fixed)
suse enterprise server 12 SP3: 2.6.3-7.15.1 (fixed)

Product: libfreetype6
suse enterprise desktop 15: 2.9-2.13 (fixed)
suse enterprise desktop 15 SP1: 2.9-2.13 (fixed)
suse enterprise desktop 15 SP2: 2.10.1-4.3.1 (fixed)
suse enterprise desktop 15 SP3: 2.10.1-4.8.1 (fixed)
suse enterprise desktop 15 SP4: 2.10.1-4.8.1 (fixed)
suse enterprise desktop 15 SP5: 2.10.4-150000.4.12.1 (fixed)
suse enterprise desktop 15 SP6: 2.10.4-150000.4.15.1 (fixed)
suse enterprise desktop 15 SP7: 2.10.4-150000.4.22.1 (fixed)
suse enterprise sap 12 SP2: 2.6.3-7.15.1 (fixed)
suse enterprise sap 12 SP3: 2.6.3-7.15.1 (fixed)
suse enterprise sap 12 SP5: 2.6.3-7.15.1 (fixed)
suse enterprise sap 15: 2.9-2.13 (fixed)
suse enterprise sap 15 SP1: 2.9-2.13 (fixed)
suse enterprise sap 15 SP2: 2.10.1-4.3.1 (fixed)
suse enterprise sap 15 SP3: 2.10.1-4.8.1 (fixed)
suse enterprise sap 15 SP4: 2.10.1-4.8.1 (fixed)
suse enterprise sap 15 SP5: 2.10.4-150000.4.12.1 (fixed)
suse enterprise sap 15 SP6: 2.10.4-150000.4.15.1 (fixed)
suse enterprise sap 15 SP7: 2.10.4-150000.4.22.1 (fixed)
suse enterprise server 12 SP2: 2.6.3-7.15.1 (fixed)
suse enterprise server 12 SP3: 2.6.3-7.15.1 (fixed)
suse enterprise server 12 SP4: 2.6.3-7.15.1 (fixed)
suse enterprise server 12 SP5: 2.6.3-7.15.1 (fixed)
suse enterprise server 15: 2.9-2.13 (fixed)
suse enterprise server 15 SP1: 2.9-2.13 (fixed)
suse enterprise server 15 SP2: 2.10.1-4.3.1 (fixed)
suse enterprise server 15 SP3: 2.10.1-4.8.1 (fixed)
suse enterprise server 15 SP4: 2.10.1-4.8.1 (fixed)
suse enterprise server 15 SP5: 2.10.4-150000.4.12.1 (fixed)
suse enterprise server 15 SP6: 2.10.4-150000.4.15.1 (fixed)
suse enterprise server 15 SP7: 2.10.4-150000.4.22.1 (fixed)

Product: libfreetype6-32bit
suse enterprise desktop 15: 2.9-2.13 (fixed)
suse enterprise desktop 15 SP1: 2.9-2.13 (fixed)
suse enterprise desktop 15 SP2: 2.10.1-4.3.1 (fixed)
suse enterprise desktop 15 SP3: 2.10.1-4.8.1 (fixed)
suse enterprise desktop 15 SP4: 2.10.1-4.8.1 (fixed)
suse enterprise desktop 15 SP5: 2.10.4-150000.4.12.1 (fixed)
suse enterprise desktop 15 SP6: 2.10.4-150000.4.15.1 (fixed)
suse enterprise desktop 15 SP7: 2.10.4-150000.4.22.1 (fixed)
suse enterprise sap 12 SP2: 2.6.3-7.15.1 (fixed)
suse enterprise sap 12 SP3: 2.6.3-7.15.1 (fixed)
suse enterprise sap 12 SP5: 2.6.3-7.15.1 (fixed)
suse enterprise sap 15: 2.9-2.13 (fixed)
suse enterprise sap 15 SP1: 2.9-2.13 (fixed)
suse enterprise sap 15 SP2: 2.10.1-4.3.1 (fixed)
suse enterprise sap 15 SP3: 2.10.1-4.8.1 (fixed)
suse enterprise sap 15 SP4: 2.10.1-4.8.1 (fixed)
suse enterprise sap 15 SP5: 2.10.4-150000.4.12.1 (fixed)
suse enterprise sap 15 SP6: 2.10.4-150000.4.15.1 (fixed)
suse enterprise sap 15 SP7: 2.10.4-150000.4.22.1 (fixed)
suse enterprise server 12 SP2: 2.6.3-7.15.1 (fixed)
suse enterprise server 12 SP3: 2.6.3-7.15.1 (fixed)
suse enterprise server 12 SP4: 2.6.3-7.15.1 (fixed)
suse enterprise server 12 SP5: 2.6.3-7.15.1 (fixed)
suse enterprise server 15: 2.9-2.13 (fixed)
suse enterprise server 15 SP1: 2.9-2.13 (fixed)
suse enterprise server 15 SP2: 2.10.1-4.3.1 (fixed)
suse enterprise server 15 SP3: 2.10.1-4.8.1 (fixed)
suse enterprise server 15 SP4: 2.10.1-4.8.1 (fixed)
suse enterprise server 15 SP5: 2.10.4-150000.4.12.1 (fixed)
suse enterprise server 15 SP6: 2.10.4-150000.4.15.1 (fixed)
suse enterprise server 15 SP7: 2.10.4-150000.4.22.1 (fixed)