CVE-2018-19876

cairo 1.16.0, in cairo_ft_apply_variations() in cairo-ft-font.c, would free memory using a free function incompatible with WebKit's fastMalloc, leading to an application crash with a "free(): invalid pointer" error.
References
Link Resource
https://bugs.webkit.org/show_bug.cgi?id=191595 Issue Tracking Patch Third Party Advisory
https://gitlab.freedesktop.org/cairo/cairo/merge_requests/5 Patch Third Party Advisory
https://bugs.webkit.org/show_bug.cgi?id=191595 Issue Tracking Patch Third Party Advisory
https://gitlab.freedesktop.org/cairo/cairo/merge_requests/5 Patch Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:cairographics:cairo:1.16.0:*:*:*:*:*:*:*

History

21 Nov 2024, 03:58

Type Values Removed Values Added
References () https://bugs.webkit.org/show_bug.cgi?id=191595 - Issue Tracking, Patch, Third Party Advisory () https://bugs.webkit.org/show_bug.cgi?id=191595 - Issue Tracking, Patch, Third Party Advisory
References () https://gitlab.freedesktop.org/cairo/cairo/merge_requests/5 - Patch, Third Party Advisory () https://gitlab.freedesktop.org/cairo/cairo/merge_requests/5 - Patch, Third Party Advisory

Information

Published : 2018-12-05 20:29

Updated : 2024-11-21 03:58


NVD link : CVE-2018-19876

Mitre link : CVE-2018-19876

CVE.ORG link : CVE-2018-19876


JSON object : View

Products Affected

cairographics

  • cairo
CWE
CWE-416

Use After Free