user/librsvg: CVE-2017-11464: box_blur_line division by zero
Bugzilla ID | 335 |
Alias(es) | CVE-2017-11464 |
Reporter | Max Rees (sroracle) |
Assignee | Max Rees (sroracle) |
Reported | 2020-07-22 13:18:53 -0500 |
Modified | 2020-07-22 13:18:53 -0500 |
Status | UNCONFIRMED |
Version | 1.0-RC1 |
Hardware | Adélie Linux / All |
Importance | --- / normal |
Package(s) | user/librsvg |
URL | https://nvd.nist.gov/vuln/detail/CVE-2017-11464 |
Description
A SIGFPE is raised in the function box_blur_line of rsvg-filter.c in
GNOME librsvg 2.40.17 during an attempted parse of a crafted SVG file,
because of incorrect protection against division by zero.
https://gitlab.gnome.org/GNOME/librsvg/commit/ecf9267a24b2c3c0cd211dbdfa9ef2232511972a