VDB

GCVE-110-MAGEIA-2016-287

GCVE-110-MAGEIA-2016-287
Advisory Published
Vulnetix · Advisory published August 31, 2016
Tobias Stoeckmann discovered that cache files are insufficiently validated in fontconfig, a generic font configuration library. An attacker can trigger arbitrary free() calls, which in turn allows double free attacks and therefore arbitrary code execution. In combination with setuid binaries using crafted cache files, this could allow privilege escalation (CVE-2016-5384).

Affected Products

VendorProductVersionsPlatforms
Mageiafontconfig0 (affected), 2.11.1-4.1.mga5 (unaffected)

Browse GCVE Records

72,337 records in the GCVE database · Updated July 14, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›