An issue was discovered in Anti-Grain Geometry (AGG) 2.4 as used in SVG++ (aka svgpp) 1.2.3. In the function agg::cell_aa::not_equal, dx is assigned to (x2 - x1). If dx >= dx_limit, which is (16384 << poly_subpixel_shift), this function will call itself recursively. There can be a situation where (x2 - x1) is always bigger than dx_limit during the recursion, leading to continual stack consumption.
References
Link | Resource |
---|---|
https://github.com/svgpp/svgpp/issues/70 | Exploit Patch Third Party Advisory |
https://lists.debian.org/debian-lts-announce/2019/02/msg00001.html | Mailing List Third Party Advisory |
https://lists.debian.org/debian-lts-announce/2021/12/msg00038.html | Mailing List Third Party Advisory |
https://lists.debian.org/debian-lts-announce/2023/04/msg00001.html | |
https://github.com/svgpp/svgpp/issues/70 | Exploit Patch Third Party Advisory |
https://lists.debian.org/debian-lts-announce/2019/02/msg00001.html | Mailing List Third Party Advisory |
https://lists.debian.org/debian-lts-announce/2021/12/msg00038.html | Mailing List Third Party Advisory |
https://lists.debian.org/debian-lts-announce/2023/04/msg00001.html |
Configurations
History
21 Nov 2024, 04:46
Type | Values Removed | Values Added |
---|---|---|
References | () https://github.com/svgpp/svgpp/issues/70 - Exploit, Patch, Third Party Advisory | |
References | () https://lists.debian.org/debian-lts-announce/2019/02/msg00001.html - Mailing List, Third Party Advisory | |
References | () https://lists.debian.org/debian-lts-announce/2021/12/msg00038.html - Mailing List, Third Party Advisory | |
References | () https://lists.debian.org/debian-lts-announce/2023/04/msg00001.html - |
01 Apr 2023, 18:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
06 Apr 2022, 18:33
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:* | |
References | (MLIST) https://lists.debian.org/debian-lts-announce/2019/02/msg00001.html - Mailing List, Third Party Advisory | |
References | (MLIST) https://lists.debian.org/debian-lts-announce/2021/12/msg00038.html - Mailing List, Third Party Advisory | |
CWE | CWE-787 |
31 Dec 2021, 01:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
Information
Published : 2019-01-13 00:29
Updated : 2024-11-21 04:46
NVD link : CVE-2019-6245
Mitre link : CVE-2019-6245
CVE.ORG link : CVE-2019-6245
JSON object : View
Products Affected
svgpp
- svgpp
debian
- debian_linux
antigrain
- agg
CWE
CWE-787
Out-of-bounds Write