CVE-2016-3190

Published on: 04/21/2016 12:00:00 AM UTC

Last Modified on: 03/23/2021 11:27:02 PM UTC

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Certain versions of Cairo from Cairographics contain the following vulnerability:

The fill_xrgb32_lerp_opaque_spans function in cairo-image-compositor.c in cairo before 1.14.2 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a negative span length.

  • CVE-2016-3190 has been assigned by [email protected] to track the vulnerability - currently rated as HIGH severity.

CVSS3 Score: 7.5 - HIGH

Attack
Vector
Attack
Complexity
Privileges
Required
User
Interaction
NETWORK LOW NONE NONE
Scope Confidentiality
Impact
Integrity
Impact
Availability
Impact
UNCHANGED NONE NONE HIGH

CVSS2 Score: 5 - MEDIUM

Access
Vector
Access
Complexity
Authentication
NETWORK LOW NONE
Confidentiality
Impact
Integrity
Impact
Availability
Impact
NONE NONE PARTIAL

CVE References

Description Tags Link
cairo release 1.14.2 now available Patch
mail.gnome.org
text/html
URL Logo MLIST [cairo-announce] 20150310 cairo release 1.14.2 now available
openSUSE-SU-2016:1007-1: moderate: Security update for cairo lists.opensuse.org
text/html
URL Logo SUSE openSUSE-SU-2016:1007
1318977 – (CVE-2016-3190) CVE-2016-3190 cairo: out of bounds read in fill_xrgb32_lerp_opaque_spans bugzilla.redhat.com
text/html
URL Logo CONFIRM bugzilla.redhat.com/show_bug.cgi?id=1318977
Exploit
cgit.freedesktop.org
text/x-diff
CONFIRM cgit.freedesktop.org/cairo/patch/src/cairo-image-compositor.c?id=5c82d91a5e15d29b1489dcb413b24ee7fdf59934

Known Affected Configurations (CPE V2.3)

Type Vendor Product Version Update Edition Language
ApplicationCairographicsCairoAllAllAllAll
Operating
System
OpensuseOpensuse13.2AllAllAll
Operating
System
OpensuseOpensuse13.2AllAllAll
  • cpe:2.3:a:cairographics:cairo:*:*:*:*:*:*:*:*:
  • cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*:
  • cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*: