CVE-2023-2004 Information

Description

An integer overflow vulnerability was discovered in Freetype in tt_hvadvance_adjust() function in src/truetype/ttgxvar.c.

Reference

https://bugzilla.redhat.com/show_bug.cgi?id=2186428 https://access.redhat.com/security/cve/CVE-2023-2004 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50462 https://github.com/freetype/freetype/commit/e6fda039ad638866b7a6a5d046f03278ba1b7611