A SIGFPE is raised in the function box_blur_line of rsvg-filter.c in GNOME librsvg 2.40.17 during an attempted parse of a crafted SVG file, because of incorrect protection against division by zero.
Weakness
The product divides a value by zero.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Librsvg | Gnome | 2.40.17 (including) | 2.40.17 (including) |
| Librsvg | Ubuntu | esm-infra-legacy/xenial | * |
| Librsvg | Ubuntu | esm-infra/xenial | * |
| Librsvg | Ubuntu | xenial | * |
| Librsvg | Ubuntu | yakkety | * |
| Librsvg | Ubuntu | zesty | * |
References
- http://www.securityfocus.com/bid/99956
- https://bugzilla.gnome.org/show_bug.cgi?id=783835
- https://git.gnome.org/browse/librsvg/commit/?id=ecf9267a24b2c3c0cd211dbdfa9ef2232511972a
- https://github.com/GNOME/librsvg/commit/ecf9267a24b2c3c0cd211dbdfa9ef2232511972a
- https://lists.debian.org/debian-lts-announce/2020/07/msg00016.html
- https://usn.ubuntu.com/4436-1/
- http://www.securityfocus.com/bid/99956
- https://bugzilla.gnome.org/show_bug.cgi?id=783835
- https://git.gnome.org/browse/librsvg/commit/?id=ecf9267a24b2c3c0cd211dbdfa9ef2232511972a
- https://github.com/GNOME/librsvg/commit/ecf9267a24b2c3c0cd211dbdfa9ef2232511972a
- https://lists.debian.org/debian-lts-announce/2020/07/msg00016.html
- https://usn.ubuntu.com/4436-1/