Advisories » MGASA-2022-0423

Updated pixman packages fix security vulnerability

Publication date: 13 Nov 2022
Modification date: 13 Nov 2022
Type: security
Affected Mageia releases : 8
CVE: CVE-2022-44638

Description

In libpixman in Pixman before 0.42.2, there is an out-of-bounds write (aka
heap-based buffer overflow) in rasterize_edges_8 due to an integer
overflow in pixman_sample_floor_y. (CVE-2022-44638)
                

References

• https://bugs.mageia.org/show_bug.cgi?id=31088
• https://lists.x.org/archives/xorg-announce/2022-November/003249.html
• https://lists.x.org/archives/xorg-announce/2022-November/003251.html
• https://www.debian.org/lts/security/2022/dla-3179
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44638

SRPMS

8/core

• pixman-0.40.0-1.1.mga8