CVE-2016-5384 (NVD)- Vulnerability Info (edit)
fontconfig before 2.12.1 does not validate offsets, which allows local users to trigger arbitrary free calls and consequently conduct double free attacks and execute arbitrary code via a crafted cache file.
|Products||Debian_linux, Fedora, Fontconfig|
Double Free (CWE-415)
|First patch||- None (likely due to unavailable code)|
No patch was assigned yet.