CVE-2014-2240

Published: 12 March 2014

Stack-based buffer overflow in the cf2_hintmap_build function in cff/cf2hints.c in FreeType before 2.5.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large number of stem hints in a font file.

Notes

Author	Note
seth-arnold	see also CVE-2014-9659

Priority

Status

Package	Release	Status
freetype Launchpad, Ubuntu, Debian	lucid	Not vulnerable (code not present)
	precise	Not vulnerable (code not present)
	quantal	Not vulnerable (code not present)
	saucy	Released (2.4.12-0ubuntu1.1)
	upstream	Released (2.5.3)
	Patches: upstream: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=0eae6eb0645264c98812f0095e0f5df4541830e6

References

http://sourceforge.net/projects/freetype/files/freetype2/2.5.3/
http://www.securitytracker.com/id/1029895
http://secunia.com/advisories/57291
https://ubuntu.com/security/notices/USN-2148-1
https://www.cve.org/CVERecord?id=CVE-2014-2240
NVD
Launchpad
Debian

Bugs

https://savannah.nongnu.org/bugs/?41697
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=741299

Join the discussion

Ubuntu security updates mailing list
Security announcements mailing list

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›