A SIGFPE is raised in the function box_blur_line of rsvg-filter.c in GNOME librsvg 2.40.17 during an attempted parse of a crafted SVG file, because of incorrect protection against division by zero.
References
Link | Resource |
---|---|
https://github.com/GNOME/librsvg/commit/ecf9267a24b2c3c0cd211dbdfa9ef2232511972a | Issue Tracking Patch Third Party Advisory |
https://git.gnome.org/browse/librsvg/commit/?id=ecf9267a24b2c3c0cd211dbdfa9ef2232511972a | Issue Tracking Patch Third Party Advisory |
https://bugzilla.gnome.org/show_bug.cgi?id=783835 | Permissions Required |
http://www.securityfocus.com/bid/99956 | |
https://lists.debian.org/debian-lts-announce/2020/07/msg00016.html | |
https://usn.ubuntu.com/4436-1/ |
Configurations
Information
Published : 2017-07-19 14:29
Updated : 2020-07-28 15:15
NVD link : CVE-2017-11464
Mitre link : CVE-2017-11464
JSON object : View
CWE
CWE-369
Divide By Zero
Products Affected
gnome
- librsvg