CVE-2020-15999 Freetype memory corruption bug

IWETHEY v. 0.3.0 | TODO

1,095 registered users | 0 active users | 0 LpH | Statistics
Login | Create New User

Welcome to IWETHEY!

Post #436,771

by scoenye

10/22/20 10:02:29 PM

CVE-2020-15999 Freetype memory corruption bug

The bug is triggered by fonts with embedded PNG images reporting a size over 65535. There is an active exploit targeting Chrome but other things that use Freetype and pipe in fonts from the interwebs may be vulnerable as well.

Gory details: https://savannah.nongnu.org/bugs/?59308

0-day in Chrome fixed this morning, time to update. -NT - (malraux) - (2) - Oct. 21, 2020, 10:05:13 AM EDT

Google "adds two lines" of relevance (?) - (Ashton) - (1) - Oct. 22, 2020, 09:06:41 PM EDT

CVE-2020-15999 Freetype memory corruption bug - (scoenye) - Oct. 22, 2020, 10:02:29 PM EDT

iwethey.org

Everyone is terrible and the world is burning.
38 ms