freetype: NULL pointer dereference in the Ins_GETVARIATION() function (CVE-2018-6942)
An issue was discovered in FreeType 2 through 2.9. A NULL pointer
dereference in the Ins_GETVARIATION()
function within ttinterp.c could lead to DoS via a crafted font file.
References:
https://nvd.nist.gov/vuln/detail/CVE-2018-6942
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6942
Patch:
(from redmine: issue id 8986, created on 2018-06-12, closed on 2018-06-14)
- Relations:
- copied_to #8987 (closed)
- copied_to #8988 (closed)
- copied_to #8989 (closed)
- copied_to #8990 (closed)
- child #8987 (closed)
- child #8988 (closed)
- child #8989 (closed)
- child #8990 (closed)