ID CVE-2016-5384
Summary fontconfig before 2.12.1 does not validate offsets, which allows local users to trigger arbitrary free calls and consequently conduct double free attacks and execute arbitrary code via a crafted cache file.
References
Vulnerable Configurations
  • cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*
    cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*
  • cpe:2.3:o:fedoraproject:fedora:24:*:*:*:*:*:*:*
    cpe:2.3:o:fedoraproject:fedora:24:*:*:*:*:*:*:*
  • cpe:2.3:a:fontconfig_project:fontconfig:2.1.91:*:*:*:*:*:*:*
    cpe:2.3:a:fontconfig_project:fontconfig:2.1.91:*:*:*:*:*:*:*
  • cpe:2.3:a:fontconfig_project:fontconfig:2.1.92:*:*:*:*:*:*:*
    cpe:2.3:a:fontconfig_project:fontconfig:2.1.92:*:*:*:*:*:*:*
  • cpe:2.3:a:fontconfig_project:fontconfig:2.1.93:*:*:*:*:*:*:*
    cpe:2.3:a:fontconfig_project:fontconfig:2.1.93:*:*:*:*:*:*:*
  • cpe:2.3:a:fontconfig_project:fontconfig:2.1.94:*:*:*:*:*:*:*
    cpe:2.3:a:fontconfig_project:fontconfig:2.1.94:*:*:*:*:*:*:*
  • cpe:2.3:a:fontconfig_project:fontconfig:2.2.0:*:*:*:*:*:*:*
    cpe:2.3:a:fontconfig_project:fontconfig:2.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:fontconfig_project:fontconfig:2.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:fontconfig_project:fontconfig:2.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:fontconfig_project:fontconfig:2.2.2:*:*:*:*:*:*:*
    cpe:2.3:a:fontconfig_project:fontconfig:2.2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:fontconfig_project:fontconfig:2.2.3:*:*:*:*:*:*:*
    cpe:2.3:a:fontconfig_project:fontconfig:2.2.3:*:*:*:*:*:*:*
  • cpe:2.3:a:fontconfig_project:fontconfig:2.2.90:*:*:*:*:*:*:*
    cpe:2.3:a:fontconfig_project:fontconfig:2.2.90:*:*:*:*:*:*:*
  • cpe:2.3:a:fontconfig_project:fontconfig:2.2.91:*:*:*:*:*:*:*
    cpe:2.3:a:fontconfig_project:fontconfig:2.2.91:*:*:*:*:*:*:*
  • cpe:2.3:a:fontconfig_project:fontconfig:2.2.92:*:*:*:*:*:*:*
    cpe:2.3:a:fontconfig_project:fontconfig:2.2.92:*:*:*:*:*:*:*
  • cpe:2.3:a:fontconfig_project:fontconfig:2.2.93:*:*:*:*:*:*:*
    cpe:2.3:a:fontconfig_project:fontconfig:2.2.93:*:*:*:*:*:*:*
  • cpe:2.3:a:fontconfig_project:fontconfig:2.2.94:*:*:*:*:*:*:*
    cpe:2.3:a:fontconfig_project:fontconfig:2.2.94:*:*:*:*:*:*:*
  • cpe:2.3:a:fontconfig_project:fontconfig:2.2.95:*:*:*:*:*:*:*
    cpe:2.3:a:fontconfig_project:fontconfig:2.2.95:*:*:*:*:*:*:*
  • cpe:2.3:a:fontconfig_project:fontconfig:2.2.96:*:*:*:*:*:*:*
    cpe:2.3:a:fontconfig_project:fontconfig:2.2.96:*:*:*:*:*:*:*
  • cpe:2.3:a:fontconfig_project:fontconfig:2.2.97:*:*:*:*:*:*:*
    cpe:2.3:a:fontconfig_project:fontconfig:2.2.97:*:*:*:*:*:*:*
  • cpe:2.3:a:fontconfig_project:fontconfig:2.2.98:*:*:*:*:*:*:*
    cpe:2.3:a:fontconfig_project:fontconfig:2.2.98:*:*:*:*:*:*:*
  • cpe:2.3:a:fontconfig_project:fontconfig:2.2.99:*:*:*:*:*:*:*
    cpe:2.3:a:fontconfig_project:fontconfig:2.2.99:*:*:*:*:*:*:*
  • cpe:2.3:a:fontconfig_project:fontconfig:2.3.0:*:*:*:*:*:*:*
    cpe:2.3:a:fontconfig_project:fontconfig:2.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:fontconfig_project:fontconfig:2.3.1:*:*:*:*:*:*:*
    cpe:2.3:a:fontconfig_project:fontconfig:2.3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:fontconfig_project:fontconfig:2.3.1-2:*:*:*:*:*:*:*
    cpe:2.3:a:fontconfig_project:fontconfig:2.3.1-2:*:*:*:*:*:*:*
  • cpe:2.3:a:fontconfig_project:fontconfig:2.3.2:*:*:*:*:*:*:*
    cpe:2.3:a:fontconfig_project:fontconfig:2.3.2:*:*:*:*:*:*:*
  • cpe:2.3:a:fontconfig_project:fontconfig:2.3.90:*:*:*:*:*:*:*
    cpe:2.3:a:fontconfig_project:fontconfig:2.3.90:*:*:*:*:*:*:*
  • cpe:2.3:a:fontconfig_project:fontconfig:2.3.91:*:*:*:*:*:*:*
    cpe:2.3:a:fontconfig_project:fontconfig:2.3.91:*:*:*:*:*:*:*
  • cpe:2.3:a:fontconfig_project:fontconfig:2.3.92:*:*:*:*:*:*:*
    cpe:2.3:a:fontconfig_project:fontconfig:2.3.92:*:*:*:*:*:*:*
  • cpe:2.3:a:fontconfig_project:fontconfig:2.3.93:*:*:*:*:*:*:*
    cpe:2.3:a:fontconfig_project:fontconfig:2.3.93:*:*:*:*:*:*:*
  • cpe:2.3:a:fontconfig_project:fontconfig:2.3.94:*:*:*:*:*:*:*
    cpe:2.3:a:fontconfig_project:fontconfig:2.3.94:*:*:*:*:*:*:*
  • cpe:2.3:a:fontconfig_project:fontconfig:2.3.95:*:*:*:*:*:*:*
    cpe:2.3:a:fontconfig_project:fontconfig:2.3.95:*:*:*:*:*:*:*
  • cpe:2.3:a:fontconfig_project:fontconfig:2.3.96:*:*:*:*:*:*:*
    cpe:2.3:a:fontconfig_project:fontconfig:2.3.96:*:*:*:*:*:*:*
  • cpe:2.3:a:fontconfig_project:fontconfig:2.3.97:*:*:*:*:*:*:*
    cpe:2.3:a:fontconfig_project:fontconfig:2.3.97:*:*:*:*:*:*:*
  • cpe:2.3:a:fontconfig_project:fontconfig:2.4.0:*:*:*:*:*:*:*
    cpe:2.3:a:fontconfig_project:fontconfig:2.4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:fontconfig_project:fontconfig:2.4.1:*:*:*:*:*:*:*
    cpe:2.3:a:fontconfig_project:fontconfig:2.4.1:*:*:*:*:*:*:*
  • cpe:2.3:a:fontconfig_project:fontconfig:2.4.2:*:*:*:*:*:*:*
    cpe:2.3:a:fontconfig_project:fontconfig:2.4.2:*:*:*:*:*:*:*
  • cpe:2.3:a:fontconfig_project:fontconfig:2.4.91:*:*:*:*:*:*:*
    cpe:2.3:a:fontconfig_project:fontconfig:2.4.91:*:*:*:*:*:*:*
  • cpe:2.3:a:fontconfig_project:fontconfig:2.4.92:*:*:*:*:*:*:*
    cpe:2.3:a:fontconfig_project:fontconfig:2.4.92:*:*:*:*:*:*:*
  • cpe:2.3:a:fontconfig_project:fontconfig:2.5.0:*:*:*:*:*:*:*
    cpe:2.3:a:fontconfig_project:fontconfig:2.5.0:*:*:*:*:*:*:*
  • cpe:2.3:a:fontconfig_project:fontconfig:2.5.91:*:*:*:*:*:*:*
    cpe:2.3:a:fontconfig_project:fontconfig:2.5.91:*:*:*:*:*:*:*
  • cpe:2.3:a:fontconfig_project:fontconfig:2.5.92:*:*:*:*:*:*:*
    cpe:2.3:a:fontconfig_project:fontconfig:2.5.92:*:*:*:*:*:*:*
  • cpe:2.3:a:fontconfig_project:fontconfig:2.5.93:*:*:*:*:*:*:*
    cpe:2.3:a:fontconfig_project:fontconfig:2.5.93:*:*:*:*:*:*:*
  • cpe:2.3:a:fontconfig_project:fontconfig:2.6.0:*:*:*:*:*:*:*
    cpe:2.3:a:fontconfig_project:fontconfig:2.6.0:*:*:*:*:*:*:*
  • cpe:2.3:a:fontconfig_project:fontconfig:2.7.0:*:*:*:*:*:*:*
    cpe:2.3:a:fontconfig_project:fontconfig:2.7.0:*:*:*:*:*:*:*
  • cpe:2.3:a:fontconfig_project:fontconfig:2.7.1:*:*:*:*:*:*:*
    cpe:2.3:a:fontconfig_project:fontconfig:2.7.1:*:*:*:*:*:*:*
  • cpe:2.3:a:fontconfig_project:fontconfig:2.7.2:*:*:*:*:*:*:*
    cpe:2.3:a:fontconfig_project:fontconfig:2.7.2:*:*:*:*:*:*:*
  • cpe:2.3:a:fontconfig_project:fontconfig:2.7.3:*:*:*:*:*:*:*
    cpe:2.3:a:fontconfig_project:fontconfig:2.7.3:*:*:*:*:*:*:*
  • cpe:2.3:a:fontconfig_project:fontconfig:2.8.0:*:*:*:*:*:*:*
    cpe:2.3:a:fontconfig_project:fontconfig:2.8.0:*:*:*:*:*:*:*
  • cpe:2.3:a:fontconfig_project:fontconfig:2.9.0:*:*:*:*:*:*:*
    cpe:2.3:a:fontconfig_project:fontconfig:2.9.0:*:*:*:*:*:*:*
  • cpe:2.3:a:fontconfig_project:fontconfig:2.9.91:*:*:*:*:*:*:*
    cpe:2.3:a:fontconfig_project:fontconfig:2.9.91:*:*:*:*:*:*:*
  • cpe:2.3:a:fontconfig_project:fontconfig:2.9.92:*:*:*:*:*:*:*
    cpe:2.3:a:fontconfig_project:fontconfig:2.9.92:*:*:*:*:*:*:*
  • cpe:2.3:a:fontconfig_project:fontconfig:2.10.0:*:*:*:*:*:*:*
    cpe:2.3:a:fontconfig_project:fontconfig:2.10.0:*:*:*:*:*:*:*
  • cpe:2.3:a:fontconfig_project:fontconfig:2.10.1:*:*:*:*:*:*:*
    cpe:2.3:a:fontconfig_project:fontconfig:2.10.1:*:*:*:*:*:*:*
  • cpe:2.3:a:fontconfig_project:fontconfig:2.10.2:*:*:*:*:*:*:*
    cpe:2.3:a:fontconfig_project:fontconfig:2.10.2:*:*:*:*:*:*:*
  • cpe:2.3:a:fontconfig_project:fontconfig:2.10.91:*:*:*:*:*:*:*
    cpe:2.3:a:fontconfig_project:fontconfig:2.10.91:*:*:*:*:*:*:*
  • cpe:2.3:a:fontconfig_project:fontconfig:2.10.92:*:*:*:*:*:*:*
    cpe:2.3:a:fontconfig_project:fontconfig:2.10.92:*:*:*:*:*:*:*
  • cpe:2.3:a:fontconfig_project:fontconfig:2.10.93:*:*:*:*:*:*:*
    cpe:2.3:a:fontconfig_project:fontconfig:2.10.93:*:*:*:*:*:*:*
  • cpe:2.3:a:fontconfig_project:fontconfig:2.10.94:*:*:*:*:*:*:*
    cpe:2.3:a:fontconfig_project:fontconfig:2.10.94:*:*:*:*:*:*:*
  • cpe:2.3:a:fontconfig_project:fontconfig:2.10.95:*:*:*:*:*:*:*
    cpe:2.3:a:fontconfig_project:fontconfig:2.10.95:*:*:*:*:*:*:*
  • cpe:2.3:a:fontconfig_project:fontconfig:2.11.0:*:*:*:*:*:*:*
    cpe:2.3:a:fontconfig_project:fontconfig:2.11.0:*:*:*:*:*:*:*
  • cpe:2.3:a:fontconfig_project:fontconfig:2.11.1:*:*:*:*:*:*:*
    cpe:2.3:a:fontconfig_project:fontconfig:2.11.1:*:*:*:*:*:*:*
  • cpe:2.3:a:fontconfig_project:fontconfig:2.11.91:*:*:*:*:*:*:*
    cpe:2.3:a:fontconfig_project:fontconfig:2.11.91:*:*:*:*:*:*:*
  • cpe:2.3:a:fontconfig_project:fontconfig:2.11.92:*:*:*:*:*:*:*
    cpe:2.3:a:fontconfig_project:fontconfig:2.11.92:*:*:*:*:*:*:*
  • cpe:2.3:a:fontconfig_project:fontconfig:2.11.93:*:*:*:*:*:*:*
    cpe:2.3:a:fontconfig_project:fontconfig:2.11.93:*:*:*:*:*:*:*
  • cpe:2.3:a:fontconfig_project:fontconfig:2.11.94:*:*:*:*:*:*:*
    cpe:2.3:a:fontconfig_project:fontconfig:2.11.94:*:*:*:*:*:*:*
  • cpe:2.3:a:fontconfig_project:fontconfig:2.11.95:*:*:*:*:*:*:*
    cpe:2.3:a:fontconfig_project:fontconfig:2.11.95:*:*:*:*:*:*:*
  • cpe:2.3:a:fontconfig_project:fontconfig:2.12:*:*:*:*:*:*:*
    cpe:2.3:a:fontconfig_project:fontconfig:2.12:*:*:*:*:*:*:*
  • cpe:2.3:a:fontconfig_project:fontconfig:2.12.0:*:*:*:*:*:*:*
    cpe:2.3:a:fontconfig_project:fontconfig:2.12.0:*:*:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
    cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
CVSS
Base: 4.6 (as of 31-01-2022 - 17:37)
Impact:
Exploitability:
CWE CWE-415
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:L/AC:L/Au:N/C:P/I:P/A:P
redhat via4
advisories
bugzilla
id 1350891
title CVE-2016-5384 fontconfig: Possible double free due to insufficiently validated cache files
oval
OR
  • comment Red Hat Enterprise Linux must be installed
    oval oval:com.redhat.rhba:tst:20070304026
  • AND
    • comment Red Hat Enterprise Linux 7 is installed
      oval oval:com.redhat.rhba:tst:20150364027
    • OR
      • AND
        • comment fontconfig is earlier than 0:2.10.95-10.el7
          oval oval:com.redhat.rhsa:tst:20162601001
        • comment fontconfig is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20162601002
      • AND
        • comment fontconfig-devel is earlier than 0:2.10.95-10.el7
          oval oval:com.redhat.rhsa:tst:20162601003
        • comment fontconfig-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20162601004
      • AND
        • comment fontconfig-devel-doc is earlier than 0:2.10.95-10.el7
          oval oval:com.redhat.rhsa:tst:20162601005
        • comment fontconfig-devel-doc is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20162601006
rhsa
id RHSA-2016:2601
released 2016-11-03
severity Moderate
title RHSA-2016:2601: fontconfig security and bug fix update (Moderate)
rpms
  • fontconfig-0:2.10.95-10.el7
  • fontconfig-debuginfo-0:2.10.95-10.el7
  • fontconfig-devel-0:2.10.95-10.el7
  • fontconfig-devel-doc-0:2.10.95-10.el7
refmap via4
bid 92339
confirm https://cgit.freedesktop.org/fontconfig/commit/?id=7a4a5bd7897d216f0794ca9dbce0a4a5c9d14940
debian DSA-3644
fedora
  • FEDORA-2016-6802f2e52a
  • FEDORA-2016-e23ab56ce3
mlist [Fontconfig] 20160805 fontconfig: Branch 'master' - 3 commits
ubuntu USN-3063-1
Last major update 31-01-2022 - 17:37
Published 13-08-2016 - 01:59
Last modified 31-01-2022 - 17:37
Back to Top