Severity
Medium
Vendor
Ubuntu, Pixman
Versions Affected
- Ubuntu 14.04 LTS
Description
Pixman could be made to crash or run programs as your login if it processed specially crafted data.
Vincent LE GARREC discovered an integer underflow in pixman. If a user were tricked into opening a specially crafted file, a remote attacker could cause pixman to crash, resulting in a denial of service, or possibly execute arbitrary code.
Affected Products and Versions
Severity is medium unless otherwise noted.
- All versions of Cloud Foundry rootfs prior to 1.41.0
Mitigation
Users of affected versions should apply the following mitigation:
- The Cloud Foundry project recommends that Cloud Foundry deployments run with rootfs version 1.41.0 and higher.
Credit
Vincent LE GARREC