CVE-2017-7475

Metadata

medium
4.3
cairo
CVE-2017-7475
cve.mitre.org, bugs.freedesktop.org
2017-05-19
2017-10-23 14:24
CVE-2017-7475 cairo
2017-07-20 21:33
2017-06-16 18:42
2017-06-15 17:13
2017-05-26 05:03
2017-05-10 23:55
2017-05-04 21:03
2017-05-01 19:03

Description

Cairo version 1.15.4 is vulnerable to a NULL pointer dereference related to the FT_Load_Glyph and FT_Render_Glyph resulting in an application crash.

Am I vulnerable?

The constraints below list the versions that this vulnerability is patched in, and versions that are unaffected. If a patch is ready but unrealeased, then it is pending.

Or, you can just let us figure it out for you! Appcanary continously monitor your installed packages, and tell you if any of them are vulnerable.

Sign up for monitoring

Affected package information

Release Package Patched in
artful cairo None
devel cairo None
trusty cairo None
xenial cairo None
zesty cairo None

Unaffected

Release Package Reason
precise cairo ignored
precise/esm cairo DNE
vivid/stable-phone-overlay cairo ignored
vivid/ubuntu-core cairo DNE
yakkety cairo ignored

Needs Triage

Release Package Reason
upstream cairo needs-triage