Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2016-3190

The fill_xrgb32_lerp_opaque_spans function in cairo-image-compositor.c in cairo before 1.14.2 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a negative span length.

Related bugs and status

CVE-2016-3190 (Candidate) is related to these bugs:

Bug #1594034: Firefox and Thunderbird possibly affected by CVE-2016-3190

Summary				In	Importance	Status
	1594034	Firefox and Thunderbird possibly affected by CVE-2016-3190		firefox (Ubuntu)	Undecided	Invalid

See the

CVE page on Mitre.org for more details.

References

MLIST: [cairo-announce] 20150...
CONFIRM: https://bugzilla.redha...
CONFIRM: https://cgit.freedeskt...
SUSE: openSUSE-SU-2016:1007