CVE-2011-2895

N/A Unknown
Published: August 19, 2011 Modified: April 29, 2026

Description

The LZW decompressor in (1) the BufCompressedFill function in fontfile/decompress.c in X.Org libXfont before 1.4.4 and (2) compress/compress.c in 4.3BSD, as used in zopen.c in OpenBSD before 3.8, FreeBSD, NetBSD 4.0.x and 5.0.x before 5.0.3 and 5.1.x before 5.1.1, FreeType 2.1.9, and other products, does not properly handle code words that are absent from the decompression table when encountered, which allows context-dependent attackers to trigger an infinite loop or a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted compressed stream, a related issue to CVE-2006-1168 and CVE-2011-2896.

References to Advisories, Solutions, and Tools

http://secunia.com/advisories/45544
Source: secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/45568
Source: secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/45599
Source: secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/45986
Source: secalert@redhat.com
http://secunia.com/advisories/46127
Source: secalert@redhat.com
http://secunia.com/advisories/48951
Source: secalert@redhat.com
http://securitytracker.com/id?1025920
Source: secalert@redhat.com
http://support.apple.com/kb/HT5130
Source: secalert@redhat.com
http://support.apple.com/kb/HT5281
Source: secalert@redhat.com
http://www.redhat.com/support/errata/RHSA-2011-1154.html
Source: secalert@redhat.com
Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2011-1155.html
Source: secalert@redhat.com
Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2011-1161.html
Source: secalert@redhat.com
Vendor Advisory
http://www.securityfocus.com/bid/49124
Source: secalert@redhat.com
http://www.ubuntu.com/usn/USN-1191-1
Source: secalert@redhat.com
https://support.apple.com/HT205635
Source: secalert@redhat.com
https://support.apple.com/HT205637
Source: secalert@redhat.com
https://support.apple.com/HT205640
Source: secalert@redhat.com
https://support.apple.com/HT205641
Source: secalert@redhat.com
http://secunia.com/advisories/45544
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/45568
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/45599
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/45986
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/46127
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/48951
Source: af854a3a-2127-422b-91ae-364da2661108
http://securitytracker.com/id?1025920
Source: af854a3a-2127-422b-91ae-364da2661108
http://support.apple.com/kb/HT5130
Source: af854a3a-2127-422b-91ae-364da2661108
http://support.apple.com/kb/HT5281
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.debian.org/security/2011/dsa-2293
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.mandriva.com/security/advisories?name=MDVSA-2011:153
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.openwall.com/lists/oss-security/2011/08/10/10
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.redhat.com/support/errata/RHSA-2011-1154.html
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2011-1155.html
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2011-1161.html
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2011-1834.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/bid/49124
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.ubuntu.com/usn/USN-1191-1
Source: af854a3a-2127-422b-91ae-364da2661108
https://bugzilla.redhat.com/show_bug.cgi?id=725760
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
https://bugzilla.redhat.com/show_bug.cgi?id=727624
Source: af854a3a-2127-422b-91ae-364da2661108
https://exchange.xforce.ibmcloud.com/vulnerabilities/69141
Source: af854a3a-2127-422b-91ae-364da2661108
https://support.apple.com/HT205635
Source: af854a3a-2127-422b-91ae-364da2661108
https://support.apple.com/HT205637
Source: af854a3a-2127-422b-91ae-364da2661108
https://support.apple.com/HT205640
Source: af854a3a-2127-422b-91ae-364da2661108
https://support.apple.com/HT205641
Source: af854a3a-2127-422b-91ae-364da2661108

76 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
EPSS (Exploit Probability)
8.4%
94th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

Affected Vendors

freetype netbsd freebsd x openbsd