CVSS: 7.8 • EPSS: 0% • CPEs: 7 • EXPL: 0

fontconfig before 2.12.1 does not validate offsets, which allows local users to trigger arbitrary free calls and consequently conduct double free attacks and execute arbitrary code via a crafted cache file.

It was found that cache files were insufficiently validated in fontconfig. A local attacker could create a specially crafted cache file to trigger arbitrary free() calls, which in turn could lead to arbitrary code execution.

• http://rhn.redhat.com/errata/RHSA-2016-2601.html
• http://www.debian.org/security/2016/dsa-3644
• http://www.securityfocus.com/bid/92339
• http://www.ubuntu.com/usn/USN-3063-1
• https://cgit.freedesktop.org/fontconfig/commit/?id=7a4a5bd7897d216f0794ca9dbce0a4a5c9d14940
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6CJ45VRAMCIISHOVKFVOQYQUSTUJP7FC
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GGOS4YYB7UYAWX5AEXJZHDIX4ZMSXSW5
• https://

• CWE-20: Improper Input Validation
• CWE-415: Double Free