user/freetype: multiple vulnerabilities
# | CVE ID | CWE ID | Publish Date | Update Date | Score | Gained Access Level | Access | Complexity | Authentication | Conf. | Integ. | Avail. | Desc. |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
1 | CVE-2022-27406 | 125 | 2022-04-22 | 2022-07-27 | 5.0 | None | Remote | Low | Not required | None | None | Partial | FreeType commit 22a0cccb4d9d002f33c1ba7a4b36812c7d4f46b5 was discovered to contain a segmentation violation via the function FT_Request_Size. |
2 | CVE-2022-27405 | 125 | 2022-04-22 | 2022-07-27 | 5.0 | None | Remote | Low | Not required | None | None | Partial | FreeType commit 53dfdcd8198d2b3201a23c4bad9190519ba918db was discovered to contain a segmentation violation via the function FNT_Size_Request. |
3 | CVE-2022-27404 | 787 | 2022-04-22 | 2022-07-27 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | FreeType commit 1e2eb65048f75c64b68708efed6ce904c31f3b2f was discovered to contain a heap buffer overflow via the function sfnt_init_face. |
For reference:
- CVE-2022-27404 / 1e2eb65048f75c64b68708efed6ce904c31f3b2f fixed in 2.12.1
  + issue https://gitlab.freedesktop.org/freetype/freetype/-/issues/1152
- CVE-2022-27405 / 53dfdcd8198d2b3201a23c4bad9190519ba918db fixed in 2.12.1
  + issue https://gitlab.freedesktop.org/freetype/freetype/-/issues/1138, fixed by https://gitlab.freedesktop.org/freetype/freetype/-/commit/53dfdcd8198d2b3201a23c4bad9190519ba918db
- CVE-2022-27406 / 22a0cccb4d9d002f33c1ba7a4b36812c7d4f46b5 fixed in 2.12.1
  + issue https://gitlab.freedesktop.org/freetype/freetype/-/issues/1139, fixed by https://gitlab.freedesktop.org/freetype/freetype/-/commit/22a0cccb4d9d002f33c1ba7a4b36812c7d4f46b5