{"id":"CVE-2017-11464","details":"A SIGFPE is raised in the function box_blur_line of rsvg-filter.c in GNOME librsvg 2.40.17 during an attempted parse of a crafted SVG file, because of incorrect protection against division by zero.","modified":"2026-02-11T13:54:48.117519Z","published":"2017-07-19T21:29:00.197Z","related":["MGASA-2017-0247","SUSE-SU-2017:2117-1","openSUSE-SU-2024:10986-1"],"references":[{"type":"WEB","url":"http://www.securityfocus.com/bid/99956"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2020/07/msg00016.html"},{"type":"WEB","url":"https://usn.ubuntu.com/4436-1/"},{"type":"ADVISORY","url":"https://git.gnome.org/browse/librsvg/commit/?id=ecf9267a24b2c3c0cd211dbdfa9ef2232511972a"},{"type":"ADVISORY","url":"https://github.com/GNOME/librsvg/commit/ecf9267a24b2c3c0cd211dbdfa9ef2232511972a"},{"type":"REPORT","url":"https://bugzilla.gnome.org/show_bug.cgi?id=783835"},{"type":"REPORT","url":"https://git.gnome.org/browse/librsvg/commit/?id=ecf9267a24b2c3c0cd211dbdfa9ef2232511972a"},{"type":"REPORT","url":"https://github.com/GNOME/librsvg/commit/ecf9267a24b2c3c0cd211dbdfa9ef2232511972a"},{"type":"FIX","url":"https://git.gnome.org/browse/librsvg/commit/?id=ecf9267a24b2c3c0cd211dbdfa9ef2232511972a"},{"type":"FIX","url":"https://github.com/GNOME/librsvg/commit/ecf9267a24b2c3c0cd211dbdfa9ef2232511972a"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/gnome/librsvg","events":[{"introduced":"0"},{"fixed":"ecf9267a24b2c3c0cd211dbdfa9ef2232511972a"}]}],"versions":["2.34.0","2.34.1","2.35.0","2.35.1","2.35.2","2.36.0","2.36.1","2.36.2","2.36.3","2.36.4","2.37.0","2.39.0","2.40.0","2.40.1","2.40.10","2.40.11","2.40.12","2.40.13","2.40.14","2.40.15","2.40.16","2.40.2","2.40.3","2.40.4","2.40.5","2.40.6","2.40.7","2.40.8","2.40.9","2.41.0","GNOME_2_4_BRANCHPOINT","LIBRSVG_0_0_1","LIBRSVG_1_0_0","LIBRSVG_1_0_1","LIBRSVG_1_0_ANCHOR","LIBRSVG_1_1_1","LIBRSVG_1_1_2","LIBRSVG_1_1_3","LIBRSVG_1_1_4","LIBRSVG_1_1_5","LIBRSVG_1_1_6","LIBRSVG_2_0_1","LIBRSVG_2_1_0","LIBRSVG_2_1_1","LIBRSVG_2_1_2","LIBRSVG_2_1_3","LIBRSVG_2_1_4","LIBRSVG_2_1_5","LIBRSVG_2_22_3","LIBRSVG_2_26_2","LIBRSVG_2_26_3","LIBRSVG_2_2_0","LIBRSVG_2_31_0","help","librsvg-2-13-3","librsvg-2-13-90","librsvg-2-13-93","release-2-2-4","release-2-2-5","release-2-3-0","release-2-4-0"],"database_specific":{"vanir_signatures":[{"target":{"file":"rsvg-filter.c"},"signature_version":"v1","id":"CVE-2017-11464-1042029f","source":"https://github.com/gnome/librsvg/commit/ecf9267a24b2c3c0cd211dbdfa9ef2232511972a","deprecated":false,"digest":{"line_hashes":["60710757765042846072452963898315618095","81260221110783572576927806438717161855","287741113869909529612899174918313465550","260269830588127276579239904639252216220","271919613184680644970865977288842949543","246686619793903000549094537293056569659","333848912678487153469182658722756863527","46477267391596318075153474765805612706","108157836319644259159162778449093533869","297219754582390609361279564228753198207","176682382039225235177199854706792212973","65639977433304009880378936341933579960","4575917603576060409660513994630108673","299226572798831544891234881543592226228","38248917887221310127579179192707040202","181695919477162480657695002558378404689","333551738086001108360925952947498495309","288987956424050598615177992042407208044","39829462587944474158032638248929622032","260216527266713660903957231831411670895","238533111514560442674895364655264063808","12403177967334019117040563182884082994"],"threshold":0.9},"signature_type":"Line"},{"target":{"function":"box_blur_line","file":"rsvg-filter.c"},"signature_version":"v1","id":"CVE-2017-11464-cd2c1adf","source":"https://github.com/gnome/librsvg/commit/ecf9267a24b2c3c0cd211dbdfa9ef2232511972a","deprecated":false,"digest":{"length":1806,"function_hash":"161871756992978402804585812170458726280"},"signature_type":"Function"},{"target":{"function":"gaussian_blur_surface","file":"rsvg-filter.c"},"signature_version":"v1","id":"CVE-2017-11464-dceb298a","source":"https://github.com/gnome/librsvg/commit/ecf9267a24b2c3c0cd211dbdfa9ef2232511972a","deprecated":false,"digest":{"length":2858,"function_hash":"178831317672766392428689827288743486572"},"signature_type":"Function"}],"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-11464.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}]}