CVE-2014-9675
First published: Sun Feb 08 2015(Updated: )
bdf/bdflib.c in FreeType before 2.5.4 identifies property names by only verifying that an initial substring is present, which allows remote attackers to discover heap pointer values and bypass the ASLR protection mechanism via a crafted BDF font.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Android | ||
| Ubuntu | =10.04 | |
| Ubuntu | =12.04 | |
| Ubuntu | =14.04 | |
| Ubuntu | =14.10 | |
| Ubuntu | =15.04 | |
| FreeType | <=2.5.3 | |
| Debian | =7.0 | |
| Fedora | =20 | |
| Fedora | =21 | |
| Red Hat Enterprise Linux Desktop | =6.0 | |
| Red Hat Enterprise Linux Desktop | =7.0 | |
| Red Hat Enterprise Linux HPC Node | =6.0 | |
| Red Hat Enterprise Linux HPC Node | =7.0 | |
| Red Hat Enterprise Linux HPC Node | =7.1 | |
| Red Hat Enterprise Linux Server | =6.0 | |
| Red Hat Enterprise Linux Server | =7.0 | |
| Red Hat Enterprise Linux Server | =6.6.z | |
| Red Hat Enterprise Linux Server | =7.1 | |
| Red Hat Enterprise Linux Workstation | =6.0 | |
| Red Hat Enterprise Linux Workstation | =7.0 | |
| SUSE Linux | =13.1 | |
| SUSE Linux | =13.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://android.googlesource.com/platform/external/freetype/+/f720f0dbcf012d6c984dbbefa0875ef9840458c6
- https://android.googlesource.com/platform/external/pdfium/+/96f965ff7411f1edba72140fd70740e63cabec71
- https://source.android.com/docs/security/bulletin/2016-11-01 (Advisory)
- http://advisories.mageia.org/MGASA-2015-0083.html
- http://code.google.com/p/google-security-research/issues/detail?id=151
- http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=2c4832d30939b45c05757f0a05128ce64c4cacc7
- http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html
- http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html
- http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html
- http://rhn.redhat.com/errata/RHSA-2015-0696.html
- http://www.debian.org/security/2015/dsa-3188
- http://www.mandriva.com/security/advisories?name=MDVSA-2015:055
- http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html
- http://www.securityfocus.com/bid/72986
- http://www.ubuntu.com/usn/USN-2510-1
- http://www.ubuntu.com/usn/USN-2739-1
- https://security.gentoo.org/glsa/201503-05
- https://source.android.com/security/bulletin/2016-11-01.html
Frequently Asked Questions
What is the severity of CVE-2014-9675?
CVE-2014-9675 is considered a high severity vulnerability due to its potential to allow remote attackers to bypass ASLR and exploit heap memory.
How do I fix CVE-2014-9675?
To fix CVE-2014-9675, users should upgrade FreeType to version 2.5.4 or later, or apply relevant patches provided by their operating system vendor.
What systems are affected by CVE-2014-9675?
CVE-2014-9675 affects multiple systems including various versions of FreeType and operating systems like Ubuntu, Debian, Fedora, and Red Hat Enterprise Linux.
Can CVE-2014-9675 be exploited remotely?
Yes, CVE-2014-9675 can be exploited remotely by attackers using specially crafted BDF fonts.
What impact does CVE-2014-9675 have on security?
CVE-2014-9675 could allow attackers to discover heap pointer values, leading to potential arbitrary code execution and compromise of application security.
- agent/type
- agent/first-publish-date
- agent/severity
- agent/author
- agent/references
- agent/weakness
- agent/description
- agent/event
- agent/last-modified-date
- agent/source
- agent/softwarecombine
- agent/tags
- collector/android-source
- source/Android
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/google
- canonical/android
- vendor/canonical
- canonical/ubuntu
- version/ubuntu/10.04
- version/ubuntu/12.04
- version/ubuntu/14.04
- version/ubuntu/14.10
- version/ubuntu/15.04
- vendor/freetype
- canonical/freetype
- version/freetype/2.5.3
- vendor/debian
- canonical/debian
- version/debian/7.0
- vendor/fedoraproject
- canonical/fedora
- version/fedora/20
- version/fedora/21
- vendor/redhat
- canonical/red hat enterprise linux desktop
- version/red hat enterprise linux desktop/6.0
- version/red hat enterprise linux desktop/7.0
- canonical/red hat enterprise linux hpc node
- version/red hat enterprise linux hpc node/6.0
- version/red hat enterprise linux hpc node/7.0
- version/red hat enterprise linux hpc node/7.1
- canonical/red hat enterprise linux server
- version/red hat enterprise linux server/6.0
- version/red hat enterprise linux server/7.0
- version/red hat enterprise linux server/6.6.z
- version/red hat enterprise linux server/7.1
- canonical/red hat enterprise linux workstation
- version/red hat enterprise linux workstation/6.0
- version/red hat enterprise linux workstation/7.0
- vendor/opensuse
- canonical/suse linux
- version/suse linux/13.1
- version/suse linux/13.2