CVE-2023-37769
https://notcve.org/view.php?id=CVE-2023-37769
stress-test master commit e4c878 was discovered to contain a FPE vulnerability via the component combine_inner at /pixman-combine-float.c. • https://gitlab.freedesktop.org/pixman/pixman/-/issues/76 • CWE-369: Divide By Zero •
CVE-2022-44638 – pixman: Integer overflow in pixman_sample_floor_y leading to heap out-of-bounds write
https://notcve.org/view.php?id=CVE-2022-44638
In libpixman in Pixman before 0.42.2, there is an out-of-bounds write (aka heap-based buffer overflow) in rasterize_edges_8 due to an integer overflow in pixman_sample_floor_y. En libpixman en Pixman anterior a 0.42.2, hay una escritura fuera de límites (también conocida como desbordamiento de búfer basado en montón) en rasterize_edges_8 debido a un desbordamiento de enteros en pixman_sample_floor_y. A flaw was found in pixman. This issue causes an out-of-bounds write in rasterize_edges_8 due to an integer overflow in pixman_sample_floor_y. This can result in data corruption, a crash, or code execution. pixman versions prior to 0.42.2 suffer from an out-of-bounds write vulnerability in rasterize_edges_8 due to an integer overflow in pixman_sample_floor_y. • http://packetstormsecurity.com/files/170121/pixman-pixman_sample_floor_y-Integer-Overflow.html http://www.openwall.com/lists/oss-security/2022/11/05/1 https://gitlab.freedesktop.org/pixman/pixman/-/issues/63 https://lists.debian.org/debian-lts-announce/2022/11/msg00008.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AJ5VY2VYXE4WTRGQ6LMGLF6FV3SY37YE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BY4OPSIB33ETNUXZY2UPZ4NGQ3OKDY • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVE-2015-5297
https://notcve.org/view.php?id=CVE-2015-5297
An integer overflow issue has been reported in the general_composite_rect() function in pixman prior to version 0.32.8. An attacker could exploit this issue to cause an application using pixman to crash or, potentially, execute arbitrary code. Un fallo de desbordamiento de entero ha sido informado en el general_composite_rect() function en pixman anterior a la versión 0.32.8 un atacante podría explotar este problema para causar una aplicación usando pixman para bloquear o potencialmente, ejecutar un código arbitrario. • https://bugs.freedesktop.org/show_bug.cgi?id=92027 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-5297 • CWE-190: Integer Overflow or Wraparound •
CVE-2014-9766
https://notcve.org/view.php?id=CVE-2014-9766
Integer overflow in the create_bits function in pixman-bits-image.c in Pixman before 0.32.6 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via large height and stride values. Desbordamiento de entero en la función create_bits en pixman-bits-image.c en Pixman en versiones anteriores a 0.32.6 permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) o posiblemente ejecutar código arbitrario a través de valores grandes de height y stride. • http://www.debian.org/security/2016/dsa-3525 http://www.openwall.com/lists/oss-security/2016/02/24/13 http://www.openwall.com/lists/oss-security/2016/02/24/15 http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html http://www.ubuntu.com/usn/USN-2918-1 https://bugs.freedesktop.org/show_bug.cgi?id=69014 https://bugzilla.redhat.com/show_bug.cgi?id=972647 https://cgit.freedesktop.org/pixman/commit/?id=857e40f3d2bc2cfb714913e0cd7e6184cf69aca3 https://lists • CWE-189: Numeric Errors •
CVE-2013-6424 – xorg-x11-server: integer underflow when handling trapezoids
https://notcve.org/view.php?id=CVE-2013-6424
Integer underflow in the xTrapezoidValid macro in render/picture.h in X.Org allows context-dependent attackers to cause a denial of service (crash) via a negative bottom value. Underflow de entero en la macro xTrapezoidValid en render/picture.h de X.Org permite a atacantes dependientes de contexto causar una denegación de servicio (crash) a través de un valor mínimo negativo . • http://lists.opensuse.org/opensuse-updates/2013-12/msg00127.html http://lists.x.org/archives/xorg-devel/2013-October/037996.html http://rhn.redhat.com/errata/RHSA-2013-1868.html http://www.debian.org/security/2013/dsa-2822 http://www.openwall.com/lists/oss-security/2013/12/03/8 http://www.openwall.com/lists/oss-security/2013/12/04/8 http://www.ubuntu.com/usn/USN-2500-1 https://bugs.freedesktop.org/show_bug.cgi?id=67484 https://bugs.launchpad.net/ubuntu • CWE-190: Integer Overflow or Wraparound CWE-191: Integer Underflow (Wrap or Wraparound) •