Cloud Foundry Logo
blog single gear
Blog
Security Advisory

USN-2927-1 Graphite2 vulnerabilities

by: March 24, 2016

USN-2927-1 Graphite2 vulnerabilities

Severity

Medium

Vendor

Graphite2

Versions Affected

  • Ubuntu 14.04

Description

Graphite2 could be made to crash or run programs as your login if it opened a specially crafted font.

It was discovered that graphite2 incorrectly handled certain malformed fonts. If a user or automated system were tricked into opening a specially-crafted font file, a remote attacker could use this issue to cause graphite2 to crash, resulting in a denial of service, or possibly execute arbitrary code.

Affected Products and Versions

Severity is medium unless otherwise noted.

  • All versions of Cloud Foundry rootfs prior to 1.44.0

Mitigation

Users of affected versions should apply the following mitigation:

  • The Cloud Foundry project recommends that Cloud Foundry deployments run with rootfs version 1.44.0 and higher

Credit

None

References

Cloud Foundry Foundation Security Team Profile Image

Cloud Foundry Foundation Security Team, AUTHOR

SEE ALL ARTICLES

You Might Also Like

USN-6219-1: Ruby vulnerabilities
Security Advisory

USN-6219-1: Ruby vulnerabilities

by Cloud Foundry Foundation Security Team September 28, 2023
USN-4256-1: Cyrus SASL vulnerability
Security Advisory

USN-4256-1: Cyrus SASL vulnerability

by Cloud Foundry Foundation Security Team February 12, 2020
CVE-2018-1231: BOSH CLI does not restrict access to configuration file
Security Advisory

CVE-2018-1231: BOSH CLI does not restrict access to configuration file

by Cloud Foundry Foundation Security Team March 26, 2018
This website uses cookies to offer you a better browsing experience. Find out more about how we use cookies and how you can change your settings. Accept