All Vulnerability Reports

USN-2918-1 Pixman vulnerabilities


Severity

Medium

Vendor

Ubuntu, Pixman

Versions Affected

  • Ubuntu 14.04 LTS

Description

Pixman could be made to crash or run programs as your login if it processed specially crafted data.

Vincent LE GARREC discovered an integer underflow in pixman. If a user were tricked into opening a specially crafted file, a remote attacker could cause pixman to crash, resulting in a denial of service, or possibly execute arbitrary code.

Affected VMware Products and Versions

Severity is medium unless otherwise noted.

  • All versions of Cloud Foundry rootfs prior to 1.41.0
  • All versions of Pivotal Elastic Runtime

Mitigation

Users of affected versions should apply the following mitigation:

  • The Cloud Foundry project recommends that Cloud Foundry deployments run with rootfs version 1.41.0 and higher.
  • Upgrade Pivotal Elastic Runtime 1.5.x versions to 1.5.18 or later OR 1.6.x versions to 1.6.19 or later

Credit

Vincent LE GARREC

References