MidnightBSD

Advisories for fontconfig_project

CVE-2016-5384 MEDIUM

fontconfig before 2.12.1 does not validate offsets, which allows local users to trigger arbitrary free calls and consequently conduct double free attacks and execute arbitrary code via a crafted cache file.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-415,

Products Affected

Vendor Product Version
fedoraproject fedora 23
canonical ubuntu_linux 16.04
canonical ubuntu_linux 12.04
debian debian_linux 8.0
canonical ubuntu_linux 14.04
fontconfig_project fontconfig *
fedoraproject fedora 24
CVE-2026-34085

fontconfig before 2.17.1 has an off-by-one error in allocation during sfnt capability handling, leading to a one-byte out-of-bounds write, and potentially a crash or code execution. This is in FcFontCapabilities in fcfreetype.c.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve@mitre.org 5.9 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L 2.5 3.4

Products Affected

Vendor Product Version
fontconfig_project fontconfig *