VDB
GCVE-110-MAGEIA-2016-287
GCVE-110-MAGEIA-2016-287
Advisory Published
Tobias Stoeckmann discovered that cache files are insufficiently
validated in fontconfig, a generic font configuration library. An
attacker can trigger arbitrary free() calls, which in turn allows
double free attacks and therefore arbitrary code execution. In
combination with setuid binaries using crafted cache files, this
could allow privilege escalation (CVE-2016-5384).
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | fontconfig | 0 (affected), 2.11.1-4.1.mga5 (unaffected) | — |
Aliases
Browse GCVE Records
72,337 records in the GCVE database · Updated July 14, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.